A recent report warned that most malicious Google Chrome extensions have come from a single Internet domain registrar – CommuniGal Communications (GalComm) and have been downloaded nearly 33 million times.
Such malicious extensions have proven to be alarmingly dangerous to cryptocurrency investors as popular proponent recently lost all of his Bitcoin savings.
Suspicious Google Extensions Grow
The research compiled by a US-based network security company Awake Security, informs that out of 26,079 examined domains registered through GalComm, 15,160 turned out to be suspicious or malicious. These reachable domains host a variety of traditional malware and browser-based surveillance tools.
This makes them particularly threatening as they utilize several evasion techniques that help them stay under the radar of most security solutions.
“In the past three months alone, we have harvested 111 malicious or fake Chrome extensions using GalComm domains for attacker command and control infrastructure and/or as loader pages for the extensions. These extensions can take screenshots, read the clipboard, harvest credential tokens stored in cookies or parameters, grab user keystrokes (like passwords), etc.”
The research notified that these malicious extensions employing GalComm had been downloaded at least 32,962,951 times. “This only accounts for the extensions that were live in the Chrome Web Store as of May 2020,” reads the paper.
How Does It Affect Crypto?
The report outlined that “trust in the Internet and its infrastructure is critical. Exploiting key components of this infrastructure – domain registration, browsers, etc., shakes the foundation of trust and represents a risk to organizations and consumers alike.”
The same applies to cryptocurrencies. Since they are digital assets that exist and function in the online world, they require a secure digital presence; otherwise, the risks could be significantly detrimental. Such a recent example came from the host of the Protocol Podcast, Eric Savics.
CryptoPotato reported his story, in which he explained how he lost 12 bitcoins. Savics claimed that he was building that position for over seven years and planned to use it to buy an apartment.
However, he became a victim of precisely a fraudulent Google Chrome extension – a fake KeepKey. He entered his recovery phrase in it, which ultimately gave access to all of his holdings to the hackers.
Despite Savics recording a video pleading to the thieves and the cryptocurrency community’s support, the unfortunate event only goes to show how dangerous such malicious extensions can be. As such, investors should review these security tips to protect their digital asset investments.
The Royal Bahamas Police Force and Bahamas Securities Commission have launched a criminal investigation into the now-bankrupt crypto exchange giant FTX. The probe follows previous statements from the securities regulator noting potential mishandling of client funds. Bahamas Regulators VS FTX RBPF spokesperson Chrislyn Skippings announced the probe on Sunday, without offering any details on exactly…
New data suggest that the ecosystem is seeing record network activity. In the last two months, both layers – 1 and 2 – have collectively processed 152 million transactions. However, it is the layer two solutions such as Arbitrum, Optimism, and others that accounted for 58%. On the other hand, Ethereum mainnet transactions were observed…
On April 11, it was reported that Coinbase had been awarded almost $470,000 in damages following a guilty plea in a Manhattan court. The case involved a crypto trader who took tips from his brother who worked at Coinbase Global. According to U.S. District Judge Loretta Preska, Nikhil Wahi was ordered to pay the sum…
[Press Release – Singapore, Singapore, 10th May, 2021] Multi-chain decentralized exchange Dfyn will launch an initial DEX offering (IDO) on the Polkastarter platform today. Dfyn’s defi protocol, which recently closed a $2.4 million funding round that garnered investment from the likes of CMS Holdings, QCP Capital, and Signum, is preparing to raise another $305,000 via…
Brazil’s crypto regulation bill has passed a crucial legislative stage in Senate, where it’s now slated for voting. The development came on February 22 when the Senate’s Economic Affairs Committee unanimously adopted the proposals. What’s Next? If the bill is passed by the Senate, it will move to the lower house, the Chamber of Deputies,…
[PRESS RELEASE – Singapore, Singapore, September 18th, 2024] MatrixPort, a leading digital asset financial services platform and exSat, a breakthrough Bitcoin scalability solution, have entered into a comprehensive strategic partnership. By leveraging their respective strengths, they aim to accelerate the growth and application of the Bitcoin ecosystem, marking the start of a new era in
Bitcoin’s rollercoaster continued in the past 24 hours with a massive $2,000 dump and the subsequent recovery attempt. Most altcoins are covered in red, and the market capitalization has lost $40 billion in a day. Bitcoin’s Wild Ride Continues After a relatively bullish weekend in which BTC gained some value, the primary cryptocurrency seemed primed…
The FTX meltdown may have laid the groundwork for an unprecedented shift in user activity from centralized finance (CeFi) to decentralized finance (DeFi), but the total value locked in the services provided by the latter has taken a serious hit. A new report by Dapp Radar suggested that the non-fungible token (NFT) market has not…
Sam Curry, a security engineer at Yuga Labs, was at the center of a federal investigation conducted jointly by the Internal Revenue Service’s Criminal Investigation Division (IRS-CI) and the Department of Homeland Security (DHS). The investigation traces back to Curry’s involvement in uncovering a cryptocurrency phishing website in December 2022. Sam Curry’s Encounter with Federal