A cybersecurity company, Trend Micro recently reported that a malicious Google Chrome extension has been revamped to target cryptocurrency exchanges.
“Our analysis reveals FacexWorm’s capabilities were made over. It retains the routine of listing and sending socially engineered links to the friends of an affected Facebook account, just like Digmine. But now it can also steal accounts and credentials of FacexWorm’s websites of interest. It also redirects would-be victims to cryptocurrency scams, injects malicious mining codes on the webpage, redirects to the attacker’s referral link for cryptocurrency-related referral programs, and hijacks transactions in trading platforms and web wallets by replacing the recipient address with the attackers.”
According to the Trend Micro the Chrome Extension also has the ability to hijack cryptocurrency transactions. The company also reported that Chrome had already removed many FacexWorm extensions before Trend Micro has identified the malware.
Chrome has already banned cryptocurrency mining extensions from web stores in early April.
Trend Micro suggests users stating – “Think before sharing, be more prudent against unsolicited or suspicious messages, and enable tighter privacy settings for your social media accounts.”