On Rocket Chat, Pro-ISIS Group Posts Article On Malicious Cryptocurrency Chrome Extensions

May 1, 2020

On April 29, 2020 on Rocket Chat, a pro-Islamic State [ISIS] group posted a link to a Hacker News website, which reported that 49 Google Chrome browser extensions which had been billing themselves as cryptocurrency wallets were found to contain malicious code and were phishing sensitive user information. According to the article, the browser add-ons were "potentially the work of Russian threat actors" and began to appear on the Google web store as early as February 2020. "All the extensions functioned alike," stated the article, "the only difference being the cryptocurrency wallet brands that were impacted - such as Ledger, Trezor, Jaxx, Electrum, MyEtherWallet, MetaMask, Exodus, and KeepKey — via 14 unique command-and-control (C2) servers that received the phished data." The extensions were removed 24 hours after being reported to Google.[1]

 

[1] Thehackernews.com/2020/04/chrome-cryptocurrency-extensions, April 15, 2020.

Jihad and Terrorism Threat Monitor

JTTM subscribers receive daily updates on imminent and potential threats posed by terrorists, extremist organizations, and individuals worldwide.
For subscription information, click here

Share this Post:

HELP BRIDGE THE LANGUAGE GAP – DONATE TO MEMRI’S 2020 SUMMER CAMPAIGN