A cryptocurrency investor who goes by the username “Sell When Over” on X recently reported a staggering loss of $800,000. The investor initially noticed a loss of $500,000 from various wallet applications and suspected that they had fallen victim to a cyber attack through their Google Chrome browser. The user raised the alarm on X, highlighting the appearance of two suspicious browser extensions that they believed to be the source of the compromise.
Upon further investigation, the victim discovered the full extent of the breach, resulting in a total loss of $800,000. It was suspected that a keylogger had been utilized to target specific cryptocurrency wallet extensions. The trader had previously delayed a Google Chrome update, but a mandatory Windows update eventually led to a system restart, causing all tabs to disappear, and extension logins to reset. This forced the victim to re-enter all credentials on Chrome and manually import seed phrases for their wallets from a separate secure device.
After conducting a preliminary investigation, the victim identified two suspicious extensions – “Sync test beta” and “Simple Game,” as well as an auto Korean translation setting enabled in Chrome. The “Sync test beta” extension was confirmed to be a keylogger, while “Simple Game” appeared to monitor tab activities and communicate with an external PHP script. Despite their efforts, the user remained uncertain about the exact method of compromise but emphasized the costly lesson learned from the ordeal.
The cryptocurrency investor expressed regret over the $800,000 mistake and advised others to remain vigilant. They stressed the importance of following one’s instincts and taking immediate action if anything seems suspicious enough to prompt seed input. The user admitted that their guard had been down due to a major Chrome update, which caused them to overlook the warning signs of the malicious activity. Ultimately, the attackers were able to transfer the funds to two exchanges – MEXC in Singapore and Gate.io in the Cayman Islands.
This incident serves as a stark reminder of the dangers posed by malicious browser extensions and the critical importance of maintaining a high level of cybersecurity awareness. It underscores the need for users to regularly update their software, remain cautious of suspicious activities, and take swift action in response to any potential threats to their sensitive information and financial assets.
Leave a Reply