Recently, an anonymous cryptocurrency investor known as “Sell When Over” on X revealed a devastating loss of $800,000 as a result of alleged malicious Google Chrome browser extensions. The investor initially noticed a loss of $500,000 from various wallet applications and suspected that they had been the victim of an extension attack after discovering two suspicious extensions on their Chrome browser.
Upon further investigation, it was uncovered that the compromise resulted in a total loss of $800,000. The investor believed that their Google Chrome browser may have been compromised, potentially through a keylogger targeting specific crypto wallet extensions. Despite several weeks of postponing a Chrome update, a mandatory Windows update eventually forced a system restart, leading to the disappearance of all tabs and reset of extension logins on Chrome.
The investor was forced to manually re-enter all credentials on Chrome and reimport seed phrases for their cryptocurrency wallets from a secure device. It was suspected that a keylogger compromised sensitive information, ultimately leading to the draining of funds. The suspicious extensions identified were “Sync test beta” and “Simple Game,” with an auto Korean translation setting also enabled in Chrome.
The investor referred to the incident as an $800,000 costly mistake and emphasized the importance of being cautious when prompted to input sensitive information. They advised wiping the entire PC if anything seems off to prevent such losses in the future. The investor’s guard was down due to a major Chrome update that coincided with the incident, leading them to believe that the reset of extensions and loss of tabs were simply a result of the update.
As of the latest update on the situation, the attackers reportedly transferred the stolen funds to two exchanges: MEXC in Singapore and Gate.io in the Cayman Islands. This highlights the sophistication and severity of the attack, resulting in significant financial losses for the investor.
Overall, this incident serves as a warning to cryptocurrency investors to remain vigilant against potential cyber threats, such as malicious browser extensions. It underscores the importance of keeping software up to date and being cautious of any suspicious activity that may compromise sensitive information.
Leave a Reply