Harry Denley, a well-known security researcher, discovered an extension of Chrome that deceived people to participate in an airdrop – a cryptocurrency and token game – completely false on the Huobi platform. The reality is that his real purpose was to steal digital coins.
200 people were victims of the NoCoin extension
Google quickly removed it from the Chrome Web Store upon learning of the situation. However, the above did not prevent the technology company from receiving criticism for approving its availability. Remember that the Mountain View “verify” all extensions to verify that they do not include malicious code. It would not be the first time
The extension, called NoCoin, was promoted as a tool to protect itself from crypto malware. However, to participate in the airdrop, I asked users for the private keys of wallets such as Blockchain.com and MyEtherWallet. Of course, the data was sent to the cybercriminals, who did not take long to steal the available cryptocurrencies.
Unfortunately, up to 200 users were affected by the extension
The extension obtained a total of 230 downloads before being deleted. His last campaign of fake contests was that of Huobi, but everything indicates that previously they carried out similar practices to attract more victims.
Not a first for Google
It is not the first time that Google is the center of the controversy on issues related to security. Since the previous year, it has been criticized for allowing all types of malware to reach Google Play and, on other occasions, the Chrome Web Store. Without going any further, in recent days 210 apps were identified that installed adware on Android devices. The problem will continue as long as its verification processes are not stricter.