A mysterious crypto investor going by the name “Sell When Over” on platform X shares that they’ve incurred a substantial loss of approximately $800,000 as a result of two suspected malicious Google Chrome add-ons.

The investor raised the alarm on X after uncovering losses totaling $500,000 across several digital wallets.

Chrome Extension Attack Leads to $800k Loss

“They revealed that they believed their Chrome browser had been targeted by malicious extensions, with two suspect ones having been detected. Upon further examination, the user discovered the severity of the breach, resulting in a significant loss of $800,000.”

It seems the cost of the total breach is approximately $800,000. I have my suspicions that this was an attack on Google Chrome, potentially involving a keylogger designed to target wallet extension applications. This could be due to a vulnerability in Chrome, which may have arisen from my neglecting regular updates or being infected with undetected malware.

— Sell When Over | 9000.sei (@sell9000) April 8, 2024

Around four weeks earlier, the trader had repeatedly put off updating Google Chrome. A compulsory Windows update then forced the system to restart. Once the computer was back on, the trader found that all of their open Chrome tabs had vanished and that their extension logins had to be re-entered.

After this event, the affected party had to log back into their Chrome account and enter their credentials again. They also had to manually restore the seed phrases for their digital wallets from a separate safekeeping device.

The user suspects that a keylogger captured this confidential data, leading to the later financial losses. Even so, they noticed no unusual activity in the browser after the restart, and their antivirus software reported no problems and no questionable add-ons.

Chrome Extensions Identified as Keyloggers

Following their initial examination, the team discovered two potentially problematic extensions: “Sync test beta” and “Simple Game,” as well as an automatic Korean translation feature activated in Google Chrome.

The user was uncertain how their Chrome browser had been compromised, but they were certain that the “Sync test Beta” extension functioned as a keylogger. The “Simple Game” extension, meanwhile, appeared to track tab activity and communicate with a PHP script on an external website.
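The two behaviours described above, a keystroke listener and tab tracking that reports to an external script, both leave traces in an unpacked extension's manifest and source. The following audit script is an added example, not code from the article or from the extensions it names; it scans an unpacked extension directory for those indicators, and the sample manifest and snippets in it are constructed for illustration.

```python
import json
import re
from pathlib import Path

# Match patterns that put a content script into every page the user visits.
BROAD_MATCHES = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}
# Permissions that let an extension observe tab or navigation activity.
TAB_TRACKING = {"tabs", "webNavigation", "webRequest"}
# Source-level indicators: a keystroke listener and any hard-coded outbound URL.
KEY_LISTENER = re.compile(r"""addEventListener\(\s*['"](keydown|keyup|keypress)['"]""")
OUTBOUND_URL = re.compile(r"""https?://[^\s'"]+""")

def audit_extension(manifest: dict, scripts: dict) -> list:
    """Return human-readable findings for one extension.
    manifest: parsed manifest.json; scripts: {filename: JavaScript source text}."""
    findings = []
    for cs in manifest.get("content_scripts", []):
        if set(cs.get("matches", [])) & BROAD_MATCHES:
            findings.append(f"content script {cs.get('js')} is injected into every page")
    tracking = TAB_TRACKING & set(manifest.get("permissions", []))
    if tracking:
        findings.append(f"can observe tab activity via permissions {sorted(tracking)}")
    for name, src in scripts.items():
        if KEY_LISTENER.search(src):
            findings.append(f"{name} registers a keystroke listener")
        for url in OUTBOUND_URL.findall(src):
            findings.append(f"{name} contacts external URL {url}")
    return findings

def audit_unpacked(extension_dir: str) -> list:
    """Audit an unpacked extension on disk (e.g. a copy of a Chrome profile's
    Extensions/<id>/<version> folder). Path is supplied by the caller."""
    root = Path(extension_dir)
    manifest = json.loads((root / "manifest.json").read_text(encoding="utf-8"))
    scripts = {p.name: p.read_text(encoding="utf-8", errors="replace")
               for p in root.rglob("*.js")}
    return audit_extension(manifest, scripts)

# Constructed sample: a manifest and source fragments showing the indicators only.
SAMPLE_MANIFEST = {
    "manifest_version": 3, "name": "constructed-sample",
    "permissions": ["tabs", "storage"],
    "content_scripts": [{"matches": ["<all_urls>"], "js": ["content.js"]}],
}
SAMPLE_SCRIPTS = {
    "content.js": 'document.addEventListener("keydown", onKey); // constructed',
    "background.js": 'chrome.tabs.onUpdated.addListener(report); // constructed\n'
                     'const ENDPOINT = "https://collector.example/tab.php";',
}

if __name__ == "__main__":
    for finding in audit_extension(SAMPLE_MANIFEST, SAMPLE_SCRIPTS):
        print("FINDING:", finding)
```

Any extension that combines a keystroke listener with an outbound URL, or broad content-script injection with tab permissions, deserves removal and a credential rotation from a clean device rather than further inspection in place.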

“This error costs us $800k – a crucial reminder: if anything raises suspicion and makes you consider entering a password, it’s best to completely reset your computer instead.”

They said their guard had momentarily dropped because of a substantial Chrome update that changed how users select text and sign in with Google. As a result, they assumed the disappearance of their extensions and tabs was caused by those changes in the update.

According to the most recent information, the hackers have moved the stolen funds to two exchanges: MEXC, which is based in Singapore, and Gate.io, which is headquartered in the Cayman Islands.

2024-04-08 21:24