Bitcoin exchange BitStamp has informed its followers on Twitter about a malicious Chrome extension that can steal their cryptocurrency. The app looks like a legit ad remover from the Chrome store.
The extension called BitcoinWisdom Ads Remover reportedly replaces QR code images on bitcoin exchanges with its own address. The scheme has been confirmed by Devon Weller, web application and cryptocurrency software developer, who double-checked the source code. The application claims it removes “the annoying ads showed on bitcoinwisdom.com.”
BitcoinWisdom is one of the most widely used bitcoin websites for technical analysis. It shows live price charts of bitcoin and other cryptocurrencies from multiple bitcoin exchanges. The graphs allow to see the order book, a list of past orders, trading volume, and the moving averages over the past 7 and 30 days, which can be used as indicators to predict the market behaviour in the near term.
BitStamp is renowned for fighting bitcoin theft. In 2015, the bitcoin exchange lost 18,866 BTC, equal to nearly $5 mln at that day’s exchange rate, or 12% of its total bitcoin capital. According to the company’s official statements, the stolen money made just a small part of Bitstamp’s bitcoin reserves and did not include customers’ money, “the overwhelming majority of which are held in secure offline cold storage systems.” The attack repeated several months later: cybercriminals sent phishing emails to BitStamp customers, demanding their logins and passwords.
In January 2016, the company closed access for Russian customers referring to a prohibition allegedly issued by Russian authorities. However, the existence of such a prohibition at that time was not confirmed. Some suggested that the real reason for blocking Russian IP addresses was that the threat of fraud and scam coming out of Russia was causing more losses than any profits the country could bring.
Sonya Belova