Scammers Could Use Browser Extensions To Steal Bitcoin Author: Ali Raza Last Updated: 16 September 2019 The number of scams related to Bitcoin has escalated over the last few years as the increasing value of the leading cryptocurrency attracts fraudsters. Scammers have devised several different ways through which they run their enterprise. Browser extensions being used for crypto scams Jeremy Welch, CEO of Casa, said that browser extensions could assist scammers in stealing your crypto holdings. Welch issued the warning at the Baltic Honeybadger conference held in Riga over the weekend. Over the first half of this year alone, it is estimated that over $4 billion worth of cryptocurrency was stolen. Although a lot of this has been stolen directly from crypto exchanges by hackers, a good portion of it has also been stolen from crypto users through their browsers. Welch said that browser extensions pose a lot of risks, and these risks have not been discussed fully. The extensions that people use on browsers gather a range of personal information and data, which can be used by scammers when they try to access a person’s crypto wallet. Browser history could reveal one’s online habits and information about any crypto related site visits or any crypto activity they might engage in. The availability of this information and the ease with which scammers can access this information creates a high risk for a crypto user. Some browsers and extensions save a user knows your customer (KYC) information, which could fall into the wrong hands. Welch warmed crypto users against using commonly used software which gathers and keep personal data about their users. Welch warned crypto users against exposing their Bitcoin addresses on browsers or when they engage in Bitcoin trading. Malware stealing data covertly Welch warned crypto users about malware which steals personal data from browsers. This malware is installed on a person’s device or browser through extension programs that seem harmless. He cited extension wallpapers displaying inspirational quotes or other similar content while they steal your KYC data as you enter it on various websites. The malware could also save images of your personal documents as you upload them to various sites that require you to do so. A picture of your ID document could end up in the hands of hackers. These wallpaper extensions could go as far as altering a Bitcoin address to which one is trying to send cryptocurrency. The applications that provide such extensions to users are growing in popularity, and this has made them a popular method through which scammers run their fraudulent schemes. Several applications which are being used on a daily basis such as text editing app, Grammarly, and Bitcoin earning extension, Lolli, request permission from users to gather personal data and passwords for websites they visit. Welch said that there is a need for developers to build better security tools and make user experiences safer. When traders purchase Bitcoin, they have to make sure that they take all measures to protect their personal data. He added that Casa is working on security research, and they encourage more Bitcoin developers to come on board with their ideas for the improvement of security.