X

1454 Views

Chrome’s Extension Nigelify Was Used to Mine Cryptocurrencies

Spread the love
  • 1
    Share

More and more malicious addresses infect users’ devices. The latest breakthrough was made by Radware researchers. They identified a Chrome extension that was meant to illegally mine cryptocurrency.

With the growth of the crypto sector and the increasing number of investors, there are taking place more and more hacker attacks. Several cryptocurrency trading platforms have already advised clients to secure their accounts at least through the two-factor-authentication method.

An expert advice is to keep your private keys in a hardware wallet, such as Trezor or Ledger Nano S, due to their high security. However, it seems that thefts of access to the crypto wallets should not worry us the most. The researchers have identified a new way for hackers to reach the user’s device and mine cryptocurrency, namely Google Chrome extensions.

Radware’s cybersecurity firmware revealed on 10 May that a number of cybercriminals used the Chrome extension called Nigelify, which consisted of malicious code to break the system of each user and take control of it. It’s assumed that their purpose is to mine crypto assets. Unfortunately, the scam extension can avoid Google’s checking for some encrypted forgery.

Radware claimed that the cybercriminals behind the malware “has been active since at least March of 2018 and has already infected more than 100,000 users in over 100 countries.” The infected equipment are located in large proportions in Ecuador, Philipines, and Venezuela.

Figure 1: The malware kill chain

How it works

According to the researchers, “the malware redirects victims to a fake YouTube page and asks the user to install a Chrome extension to play the video.” If you click on “Add Extension”, your device will be infected with a cryptographic virus and will be under the control of hackers. The malware is available on both Windows and Linux operating systems.

Figure 2: Fake YouTube page

Taking into account the Radware’s research, the malware extension can use any device to mine Monero, Electroneum, and Bytecoin. The cybersecurity firm reveals that malware extension has managed to mine $ 1,000 worth of crypto assets in just six days.

1 Shares

You may be interested

Spain May Soon Require Investors to Reveal Their Crypto Holdings
News
130 views
News
130 views

Spain May Soon Require Investors to Reveal Their Crypto Holdings

Solomon Magawi - October 23, 2018

As Bloomberg reported recently, the Spanish government proposed a controversial bill that would require cryptocurrency investors to disclose their holdings.…

The US Government Seized Over $700,000 Worth of Cryptos from a Dark Web Drug Dealer
News
170 views
News
170 views

The US Government Seized Over $700,000 Worth of Cryptos from a Dark Web Drug Dealer

Joshua Tayo - October 23, 2018

Oxymonster, a dark web drug dealer who specialize in the sales of Grade drugs has been sentenced to 20-year in…

Cold Wallet vs Hot Wallet: What’s The Difference?
Learn
1025 views
Learn
1025 views

Cold Wallet vs Hot Wallet: What’s The Difference?

Anca Faget - October 23, 2018

Wallets are software programs and devices which store the private and public keys of Bitcoins and other cryptocurrencies. There are…