Following the attempted Google Chrome extension scam involving the Slovenia-based Bitcoin trading platform, Bitstamp, Cointelegraph reached out to CTO of Tokenly and cryptocurrency web app developer, Devon Weller, to ask him a few questions about the scam and Bitcoin security in general.
‘Highly Targeted Attack’
Cointelegraph: Why do you think the scammer targeted the specific sites he did, instead of mass-replacing wallet addresses?
Devon Weller: The extension targets users of these 3 sites: bitstamp.net, hashnest.com, btc-e.com. The extension replaces specific parts of the web pages for those sites where the exchange presents the user with a deposit address. It is a highly targeted attack. This extension malware specifically targets replacing the QR code on these sites.
Perhaps the attacker thought this was a more subtle attack than attempting to generically replace bitcoin addresses en masse, or maybe the creator of this extension was just lazy and wanted to take the easiest path. It’s hard to say.
CT: How great of a risk do you think Google Chrome extensions like the one that targeted Bitstamp are to the Bitcoin community as a whole?
DW: I think the risks of browser extension malware is largely unknown to most users. As Bitcoin becomes more widespread, I expect we will see more instances of it. The risks are greater than most people realize. Google’s Chrome Web Store can make extensions appear to be safe when they are not. It is not like Apple’s App Store - these extensions are NOT reviewed and approved by Google.
CT: How can users protect themselves from losing their Bitcoin in this way?
DW: Never install an extension from a person or company you do not trust. For better security, use a browser without extensions installed. Using incognito mode without extensions running can improve your personal security when dealing with bitcoin exchanges.
Cointelegraph would very much like to thank Devon Weller for spending time with us for this interview. His twitter can be found here.