Google has removed from the online store of extensions for Chrome 22 more utilities that were distributed under the guise of applications of popular cryptocurrency wallets, including Ledger and MetaMask.
The Naked Security news site, run by security firm Sophos, reports that Google has removed 22 fraudulent utilities from its online store of Chrome browser extensions. The extensions were discovered by MyCrypto platform security researcher Harry Denley.
Fraudulent applications were distributed under the guise of extensions of popular cryptocurrency wallets MyEtherWallet, Trezor, Electrum, Ledger and Metamask. Extensions reproduced an interface identical to wallets in order to force users to reveal their private keys and mnemonic phrases.
Apparently, new fraudulent extensions appear in the Google Chrome store as soon as the next batch of such applications is removed. In the middle of last month, it was reported that Google removed
49 such extensions from the Chrome store. They were also distributed under the guise of cryptocurrency wallet apps and were discovered by Harry Denly.
Recall that in December, Google removed
a MetaMask client from the Android app store.