Google: KryptoKit Wallet Extension Issue Caused by Malware

The Chrome team has resolved an issue that caused KryptoKit users to fear their bitcoins had been lost.

AccessTimeIconMay 21, 2014 at 10:31 a.m. UTC
Updated Sep 11, 2021 at 10:47 a.m. UTC

Google has managed to identify and fix a problem that started plaguing users of the bitcoin wallet extension KryptoKit yesterday and caused many to worry that their bitcoins might be irretrievably lost.

Early on 20th May, KryptoKit users started reporting that the extension was mysteriously removing itself from Chrome without prior notice. They also found that the extension had disappeared from the Chrome app store.

developers tried their best to work out a solution, but it soon became apparent that Google itself was behind the abrupt removal.

Malware alert

Google reinstated KryptoKit’s account a few hours after the issue was detected, but, it did not offer an explanation at the time.

Finally, Google’s Chrome team took to reddit last night to explain what happened, with Google Chrome Product Manager Tyler Odean apologizing for the confusion and explaining what caused the problem.

Odean stressed that no data was compromised or removed from user machines at any point, adding:

“What happened in a nutshell was that real malware was mimicking KryptoKit, which caused our blacklisting protections to get confused.”

The post indicated that the malware developer was trying to steal bitcoin keys using the KryptoKit codebase to build their own malicious extension. Much of the code was identical, so Google flagged the real KryptoKit extension, blacklisting it along with the malware version.

As soon as the issue made it to reddit, the team realised the mistake and reenabled KryptoKit on users' machines.

Bitcoin enthusiasts

Tyler went on to point out that Google has not changed its stance on bitcoin:

“Obviously this is a learning experience for us and we are continuing to perfect our protections in the webstore. But we wanted to emphasize that we are definitely not seeking to limit Bitcoin extensions in general or the KryptoKit extension in particular – but rather trying our best to keep users safe from malicious exploits.”

Interestingly, Odean said many Chrome team members are bitcoin enthusiasts, and ended his reddit post with a strong hint that he is too: “Cheers, Tyler, Bullish”.

Google image via lightpoet /


Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.