A cryptocurrency investor known as “Sell When Over” suffered a devastating loss of $800,000 due to two malicious Google Chrome extensions. These extensions, named “Sync test BETA (colorful)” and “Simple Game,” allegedly contained keyloggers that targeted specific wallet extension apps, compromising the investor’s confidential information. The attack occurred after a Chrome update forced the investor to restart their computer, resulting in the loss of all browser extensions and tabs.
Despite initially detecting no unusual activity, the investor later discovered the malicious extensions during an investigation. Analysis revealed that the “Sync test BETA (colorful)” extension functioned as a keylogger, sending data to an external website’s PHP script. Meanwhile, the “Simple Game” extension was found to monitor the status of browser tabs. The funds stolen by the attackers were transferred to two exchanges, MEXC and Gate.io.
This incident serves as a stark reminder of the risks associated with malicious browser extensions in the cryptocurrency sector. Cybersecurity researchers have previously warned about such threats, with reports of malware like Rilide being used to deploy rogue extensions capable of draining crypto funds. As the investigation continues, the investor urges vigilance and emphasizes the importance of thorough security measures to prevent similar losses in the future.
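An added example, not part of the original article and not taken from the real extensions: a Python audit that flags installed extensions holding the capabilities the two behaviours described above would rely on, namely content scripts running on every page (where keystrokes can be captured) and the `tabs` permission (tab monitoring). Which permissions the actual extensions requested is not reported, so the checks and sample manifests are assumptions and the function names are hypothetical.

```python
import json
from pathlib import Path

# Match patterns that grant access to every site the user visits.
BROAD = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}

def audit_manifest(manifest):
    """Return findings for capabilities a keylogger or tab monitor relies on."""
    findings = []
    perms = set(manifest.get("permissions", []))
    # Manifest V3 lists host patterns separately; V2 mixes them into permissions.
    hosts = perms | set(manifest.get("host_permissions", []))
    if hosts & BROAD:
        findings.append("all-sites host access")
    # A content script on every page can attach key event listeners there.
    if any(set(cs.get("matches", [])) & BROAD
           for cs in manifest.get("content_scripts", [])):
        findings.append("content script on every page")
    # The tabs permission exposes the URL and title of each open tab.
    if "tabs" in perms:
        findings.append("tabs permission")
    return findings

def audit_profile(extensions_dir):
    """Audit each installed extension: <Extensions>/<id>/<version>/manifest.json."""
    report = {}
    for path in sorted(Path(extensions_dir).glob("*/*/manifest.json")):
        # utf-8-sig tolerates manifests saved with a byte-order mark.
        manifest = json.loads(path.read_text(encoding="utf-8-sig"))
        findings = audit_manifest(manifest)
        if findings:
            report[path.parent.parent.name] = (manifest.get("name", "?"), findings)
    return report

# Constructed sample manifests (not the real extensions' files).
SAMPLES = {
    "keylogger-like": {"manifest_version": 3, "name": "Sample A",
                       "host_permissions": ["<all_urls>"],
                       "content_scripts": [{"matches": ["<all_urls>"], "js": ["c.js"]}]},
    "tab-monitor-like": {"manifest_version": 3, "name": "Sample B",
                         "permissions": ["tabs"]},
    "narrow": {"manifest_version": 3, "name": "Sample C", "permissions": ["storage"],
               "content_scripts": [{"matches": ["https://example.com/*"], "js": ["c.js"]}]},
}

if __name__ == "__main__":
    for label, manifest in SAMPLES.items():
        print(label, audit_manifest(manifest))
```

Point `audit_profile` at the Chrome profile's `Extensions` directory; a finding is a prompt to review that extension, since many legitimate extensions request the same capabilities.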