Disguised as a Chrome Extension: Malicious Software Spies on Unsuspecting Users
Experts warn users about a dangerous Google Chrome extension that is designed to spy on you.
As more and more people have become interested in cryptocurrency, scams targeting it have multiplied as well. Security experts at "Cybernews" have recently uncovered a new scam that involves a Google Chrome extension. The curious thing about this scam is that, despite its crude design, the software has not actually been flagged as malicious.
The Chrome browser extension, named "SpiderX," is intended to steal information from unsuspecting users, yet it has not yet been identified as harmful software, despite the "obviously malicious intentions" of its creator.
Here's how the scam works: fraudsters pose as a crypto recovery service via email, urging victims to act quickly. Over 52,000 of these spam emails have been sent, targeting those who have already lost money to crypto scams. When victims respond, they're tricked into downloading the "SpiderX" extension, which then captures screenshots, login credentials, and browsing history.
Despite being "amateurishly executed," the extension has flown under the radar. The extension was even promoted in the Chrome Web Store as a tool for detecting malicious code but had no reviews, and it wasn't flagged by malware detectors.
Interestingly, the scammer made careless mistakes, using their own personal data in tests, which helped investigators trace them to Israel. They even tried getting others to post fake reviews to make the extension seem more credible.
If you've fallen for this scheme, experts advise:
- Remove the malware from the Chrome browser, and check any other devices using synchronized browsers.
- Close all active sessions on important online accounts, such as Google.
- Change all passwords that were used or stored on the affected device, starting with the most important ones, like online banking.
- Transfer cryptocurrencies to a new wallet.
- Back up important files, and completely reset the affected device.
- Check for unauthorized transactions and see if it's possible to reverse them through the relevant institutions.
- Investigate whether any accounts were opened with stolen data, such as with banks or crypto platforms.