back to article Fake crypto-wallet extensions appear in Chrome Web Store once again, siphoning off victims' passwords

Three weeks after Google removed 49 Chrome extensions from its browser's software store for stealing crypto-wallet credentials, 11 more password-swiping add-ons have been spotted – and some are still available to download. The dodgy add-ons masquerade as legit crypto-wallet extensions, and invite people to type in their …

  1. Claverhouse Silver badge
    FAIL

    Mozilla and Chrome, Sitting in a Tree

    I'm sure New Modern Firefox will soon sedulously ape Chrome as ever, and include password-grabbers as well.

  2. IGotOut Silver badge

    One word.

    Money.

    Anything that gets in the way of that for Google is an inconvenience.

    1. Jamie Jones Silver badge

      Re: One word.

      The same with YouTube. They show video ads which are blatant scams.

      People trust YouTube to be above that, especially with video ads which seem more official.

  3. Sorry that handle is already taken. Silver badge

    Be your own bank!

    Coiners really are suckers for punishment.

    1. John Brown (no body) Silver badge
      Windows

      Re: Be your own bank!

      The most successful scams all seem to have one thing in common. They play on the marks greed.

      1. This post has been deleted by its author

  4. Anonymous Coward
    Anonymous Coward

    If Google have to positively approve these apps to appear on their store ...

    ... are they then vicariously liable for any consequential loses through fraud?

    1. Wellyboot Silver badge

      Re: If Google have to positively approve these apps to appear on their store ...

      Google will comply with any direct judgement made by the highest court, anything else can be ignored until then. Lose less than a million and it'll cost you more (+ several years) to win the case.

    2. ryokeken

      Re: If Google have to positively approve these apps to appear on their store ...

      Dunno about google never talked to IT tho it be interesting if we find out the actual person in charge of their budget...

  5. Blackjack Silver badge

    People are stil using the Chrome Web store?

    When it started it had few apps but it had a lot if cool games. Nowadays is 98% crapware.

  6. Anonymous Coward
    Anonymous Coward

    You've got $50k worth of BTC

    and you typed the key into a web based password manager?

    No soup for you.

    1. Wellyboot Silver badge

      Re: You've got $50k worth of BTC

      Fools and their money...

  7. Pen-y-gors Silver badge

    That's a good idea

    It's such a faff having to type in things to access my bank account online.

    Think I'll launch an app that remembers all the login details and enables one-click login.

    That will be a big help.

    I could share it with other people - for free.

    I wonder how many people will download it?

    1. Wellyboot Silver badge

      Re: That's a good idea

      Just the usual hard of thinking bunch, thousands of 'em!

    2. JCitizen Bronze badge
      FAIL

      Re: That's a good idea

      Well at least the same amount of people who think Chrome's password vault is secure! They wouldn't actually need your manager if they used the built in "service". /s

  8. Mark192 Silver badge

    The article says: "Google has made similar security enhancement announcements about the Chrome Web Store every year since 2011"

    This says it all.

    Stop using no-skill bullshitters in your management positions.

    Get people that know what they're talking about (your engineers, programmers...) and develop their people and project management skills. Turn them into your leaders. They'll turn this around.

    1. Breen Whitman

      Google has an old military like structure. Product managers are like the old generals back in Paris. Engineers and programmers are the soldiers and junior officers in the trenches, knee deep in mud and guts.

      The two never cross over and nothing usurps that structure.

      Yes, occasionally a general notice a young private and invites them to Paris to sodomize them, but thats a different thing.

  9. ryokeken

    Who is google? Nobody if you don’t name who’s responsible for that division

    Who is google? Nobody if you don’t name who’s responsible for that division. Innit half assed to report on a problem, name the company responsible and not name the person at the end of the bucket?what snark you say? Liabilities? I call BS because I’ve read the rag for years and watch uncle Leo on the twit.tv network so I’m acquainted with at least one of your guys worldview, it seems representative of the whole company and supposedly it doesn’t stand for bullshit yet all you do is call out this giant anonymous CEO shield and not the actual physical person who signed off on whatever. It's as if you don’t know how to break down a big problem into small easier to solve ones? you’re not following,uh? You have ten articles about the behemoth Google but you could have ten articles about ten different managers who messed up at google. Still not following? You got a big mouth and tiny balls start naming names, agur

  10. albegadeep

    Agreement doesn't stop criminals

    "Google's Chrome Web Store developer agreement forbids developers from violating intellectual property rights, which probably doesn't mean much to committed law-breakers."

    No kidding. If you're going to commit grand theft, what's a little trademark infringement? The agreement only works against someone in a country where it can be enforced, and where the user won't disappear before the enforcement. In other words, a real developer.

    1. batfink Silver badge

      Re: Agreement doesn't stop criminals

      Damn! I was just writing this malware to steal heaps of money from people, but now I've noticed that this might be against Google's T&C's, so I had better not do it. Curses! Foiled again!

  11. JimPoak
    Joke

    Onece again.....

    Avoid anything with chrome or anything with Chrome in it, Chrome is a toxic metal and should be avoided!

  12. Chris the bean counter

    Does Google make developers prove their identity?

    Aooke does for their app store, including a small fee paid by credit card, and while fallible does make life more difficult and put off chancers.

    1. Anonymous Coward
      Anonymous Coward

      Re: Does Google make developers prove their identity?

      Undoubtedly "Aooke" was a typo (right hand in wrong place on keyboard), but it makes me think of monkeys blindly following a trend; +1 for you.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021