OMG! Chrome Extension Gone Rogue, Your Crypto Wallet’s Private Keys Are in Danger!

🚨 Attention all crypto enthusiasts! 🚨

Researchers have discovered a major breach in a popular Chrome extension, SwitchyOmega, that’s putting your precious crypto wallets at risk!

Apparently, a sneaky phishing email targeted an employee at Cyberhaven, an AI-powered data security company. The email claimed that Cyberhaven’s browser extension violated Google’s policies and threatened removal unless immediate action was taken. 😲

As a result, the attacker used OAuth to access the Cyberhaven account, enabling them to upload the compromised extension version (24.10.4). And guess what? As the extension was updated, users unknowingly installed the malicious code! 😱

The malicious version of the extension appears to have been capable of stealing sensitive data, including private keys and mnemonic phrases from crypto wallets. It remains unclear though how many of the 500,00 affected users were exposed to the exploit. Analysts at SlowMist have advised users to check the installed extension IDs to ensure they match the official version.

Attacks on crypto traders through browser extensions aren’t anything new as bad actors have been trying to exploit them for a while now. But hey, at least we can all have a good laugh at the expense of our own gullibility! 🤣

In September 2024, analysts at cybersecurity firm Group-IB revealed that the notorious North Korean hacking gang Lazarus Group, known for its sophisticated cyber campaigns against the crypto industry, has intensified its efforts to target crypto professionals and developers through fake video apps and expanding its targeting of browser extensions.

2025-03-12 15:38

Read More