Chrome Extension Could Be Vulnerable to Cryptocurrency Malware

The Cryptsy Dogecoin Live Ticker Chrome extension could be susceptible to malware monitoring visits to cryptocurrency exchanges or wallets.

AccessTimeIconApr 21, 2014 at 6:04 p.m. UTC
Updated Sep 3, 2021 at 11:52 a.m. UTC

Presented By Icon

Election 2024 coverage presented by

Stand with crypto

A browser extension for Google Chrome is reportedly capable of stealing bitcoin and other altcoins from its users.

Called the 'Cryptsy Dogecoin (DOGE) Live Ticker' in the Chrome Web Store, the extension is susceptible to updates that begin monitoring visits to cryptocurrency exchanges and wallet sites. A representative from Cryptsy has told CoinDesk that the exchange is not affiliated with the extension in any way.

  • Bitcoin Mining in the U.S. Will Become 'a Lot More Decentralized': Core Scientific CEO
    13:18
    Bitcoin Mining in the U.S. Will Become 'a Lot More Decentralized': Core Scientific CEO
  • Binance to Discontinue Its Nigerian Naira Services After Government Scrutiny
    05:10
    Binance to Discontinue Its Nigerian Naira Services After Government Scrutiny
  • The first video of the year 2024
    04:07
    The first video of the year 2024
  • The last regression video of the year 3.67.0
    40:07
    The last regression video of the year 3.67.0
  • The warning about the extension was posted on reddit, along with the following advice:

    "Be careful of what you install on your devices you use to access your wallets."

    How it steals coins

    Software within the extension monitors web activity and looks for users who go to exchange sites such as Coinbase. During a transaction, the extension attempts to replace the receiving address with one of its own.

    A reddit user reported this happening in a withdrawal from cryptocurrency exchange MintPal, having had the extension installed.

    Extensions or add-ons that are related to cryptocurrencies are a logical tool for would-be thieves, as cryptocurrency-related software is generally used by those who hold onto digital coins.

    Malware on the rise

    The presence of cryptocurrency-related malware is on an upward trend. The rising value of coins, coupled with the increasing number of altcoins has essentially created a new cottage industry, whereby malicious software tries to steal virtual money.

    Dell SecureWorks released a report in February stating that it had identified almost 150 different strains of bitcoin-related malware.

    Another sought-after method of malware infects a device and tries to generate coins by mining, which is not very effective given the specialized hardware now required to complete proof-of-work algorithms that reward miners.

    Ultimately, it ends up being a huge resource drain for users' machines. Or, as in this instance, a seemingly useful tool like the Cryptsy Dogecoin Live Ticker ends up being used for nefarious purposes.

    Protecting coins

    To guarantee high levels of security, it's important to choose an exchange or wallet service that enables two-factor authentication. This method of verifying actions requires more than one device, which will decrease the chances of malware making changes to your transactions.

    mar2014java

    It might be better, though, to simply store coins in a brain wallet or paper wallet. Bitcoin Vigil, which monitors bitcoin theft, is a concept that may be useful for thwarting thieves, since storing coins on a local machine connected to the internet has vulnerabilities.

    As Cryptsy Dogecoin Live Ticker demonstrates, it is probably better to simply stay away from add-ons and extensions on any computer used to store your coins.

    Malware image via Shutterstock

    Disclosure

    Please note that our privacy policy, terms of use, cookies, and do not sell my personal information have been updated.

    CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. CoinDesk has adopted a set of principles aimed at ensuring the integrity, editorial independence and freedom from bias of its publications. CoinDesk is part of the Bullish group, which owns and invests in digital asset businesses and digital assets. CoinDesk employees, including journalists, may receive Bullish group equity-based compensation. Bullish was incubated by technology investor Block.one.


    Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.