A Google Chrome browser expansion tricking users into engaging in a fake airdrop from cryptocurrency exchange Huobi maintained over 200 victims, a security researcher reported in a blog post on March 14.
Denley noticed that hackers had concealed the malicious extension to look like a tool protecting users from cryptocurrency malware or even so-called cryptojacking.
The expansion lay at the end of a fake giveaway campaign, apparently from crypto exchange Huobi, which offered worthless ERC20 Ethereum network-based tokens to unwitting customers.
The expansion for Chrome browser, together using the name NoCoin, obtained 230 downloads before Google deleted it, based on Harry Denley, who conducts cryptocurrency scam database EtherscamDB.
“By the beginning, it looked like it did what it should — it had been detected [sic] various CryptoJacking scripts […] and there was a great UI to allow me to know it had been doing its own job,” he also clarified from the blog post.
Since Cointelegraph reported last month, users of cryptocurrency pockets Electrum and MEW were facing phishing attacks, based on articles printed on Reddit and Twitter.
Google itself has come under fire because of its very own apparent lack of diligence in earlier times in February pulling a fake version of popular decentralized program MetaMask out of its Play store.
Since Cointelegraph proceeds to report, bad actors targeting cryptocurrency users have sought increasingly more rigorous procedures of tricking novices into committing over access to funds. Just this week, a report identified cryptojacking as a indication of increasingly discreet behaviour of hackers.
Beneath the facade, however, it became apparent that the extension asks the input of private keys out of popular wallet ports MyEtherWallet (MEW) and also Blockchain.com. Private keys are then sent to hackers, who can empty pockets of holdings.
It is unknown just how long the expansion remained available for Google Chrome users.