Chrome Extension Could Be Vulnerable to Cryptocurrency Malware

The Cryptsy Dogecoin Live Ticker Chrome extension could be susceptible to malware monitoring visits to cryptocurrency exchanges or wallets.

Apr 21, 2014 at 6:04 p.m. UTC
Updated Sep 11, 2021 at 10:40 a.m. UTC

A browser extension for Google Chrome is reportedly capable of stealing bitcoin and other altcoins from its users.

Called the 'Cryptsy Dogecoin (DOGE) Live Ticker' in the Chrome Web Store, the extension is susceptible to updates that begin monitoring visits to cryptocurrency exchanges and wallet sites. A representative from Cryptsy has told CoinDesk that the exchange is not affiliated with the extension in any way.

The warning about the extension was posted on reddit, along with the following advice:

"Be careful of what you install on your devices you use to access your wallets."

How it steals coins

Software within the extension monitors web activity and looks for users who go to exchange sites such as Coinbase. During a transaction, the extension attempts to replace the receiving address with one of its own.

A reddit user reported this happening in a withdrawal from cryptocurrency exchange MintPal, having had the extension installed.

Extensions or add-ons that are related to cryptocurrencies are a logical tool for would-be thieves, as cryptocurrency-related software is generally used by those who hold onto digital coins.

Malware on the rise

The presence of cryptocurrency-related malware is on an upward trend. The rising value of coins, coupled with the increasing number of altcoins has essentially created a new cottage industry, whereby malicious software tries to steal virtual money.

Dell SecureWorks released a report in February stating that it had identified almost 150 different strains of bitcoin-related malware.

Another sought-after method of malware infects a device and tries to generate coins by mining, which is not very effective given the specialized hardware now required to complete proof-of-work algorithms that reward miners.

Ultimately, it ends up being a huge resource drain for users' machines. Or, as in this instance, a seemingly useful tool like the Cryptsy Dogecoin Live Ticker ends up being used for nefarious purposes.

Protecting coins

To guarantee high levels of security, it's important to choose an exchange or wallet service that enables two-factor authentication. This method of verifying actions requires more than one device, which will decrease the chances of malware making changes to your transactions.

CoinDesk - Unknown

It might be better, though, to simply store coins in a brain wallet or paper wallet. Bitcoin Vigil, which monitors bitcoin theft, is a concept that may be useful for thwarting thieves, since storing coins on a local machine connected to the internet has vulnerabilities.

As Cryptsy Dogecoin Live Ticker demonstrates, it is probably better to simply stay away from add-ons and extensions on any computer used to store your coins.

Malware image via Shutterstock

The Festival for the Decentralized World
Thursday - Sunday, June 9-12, 2022
Austin, Texas
Save a Seat Now

DISCLOSURE

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.

Trending

1
CoinDesk - Unknown
The Curious Case of Coinbase's India Communications Strategy

Reverberations remain from the company's ill-fated Indian launch.

Reverberations remain from the company's ill-fated Indian launch.

CoinDesk - Unknown
2
CoinDesk - Unknown
First Mover Asia: Crypto Carbon Trading Is Racing to Clean Up Its Act; Cryptos Drop Even as Stocks Rise

Carbon credit protocols have had a difficult time in recent months but have been working to improve the way they operate; bitcoin outperformed other major cryptocurrencies in Thursday trading.

Carbon credit protocols have had a difficult time in recent months but have been working to improve the way they operate; bitcoin outperformed other major cryptocurrencies in Thursday trading.

CoinDesk - Unknown
3
CoinDesk - Unknown
Terra Devs Need a Home. Other Blockchains Are Courting Them

Armed with multimillion-dollar ecosystem funds, chains like Polygon and Kadena are trying to woo coders whose work is endangered by Terra’s meltdown.

Armed with multimillion-dollar ecosystem funds, chains like Polygon and Kadena are trying to woo coders whose work is endangered by Terra’s meltdown.

CoinDesk - Unknown
4
CoinDesk - Unknown
Circle Recommends Against a Digital Dollar, and Ethereum Beacon Chain Suffers Longest ‘Reorg’ in Years

The most valuable crypto stories for Thursday, May 26, 2022.

The most valuable crypto stories for Thursday, May 26, 2022.

CoinDesk - Unknown