The cybersecurity experts from Cybernews have issued a warning regarding the Chrome extension known as SpiderX Wallet. This malicious extension is designed to spy on users, gathering sensitive information such as login credentials and screenshots. To promote the extension, cybercriminals are primarily using spam emails.
According to Cybernews, a staggering 52,000 emails were dispatched in just a few days, targeting individuals who have previously fallen victim to cryptocurrency scams.
The fraudulent emails were crafted to appear as though they were sent by various companies or institutions specializing in the recovery of cryptocurrencies. Examples cited by Cybernews include claimyourrefund[.]net, fca-recovery[.]org, and spiderx[.]co.
These spam messages claimed they could assist victims in recovering stolen or lost crypto assets or unlocking accounts frozen due to unregistered cryptocurrency trading services. Following this, victims were encouraged to install the SpiderX Wallet Chrome extension, which secretly captured screenshots, collected login information, and transmitted the entire browsing history to the fraudsters.
Extension Bypasses Malware Protections
According to Cybernews, the SpiderX extension allegedly processes data and browsing history to detect harmful code. Surprisingly, it appears to have evaded detection by anti-malware programs and managed to slip through the security measures of the Chrome Web Store.
“Interestingly, none of the malware detection providers available on VirusTotal flagged the extension as malicious, despite static code analysis clearly revealing that the application collects information from websites and sends it to a remote server. The entire logic and the methods used were not obfuscated,” the Cybernews researchers noted.
The criminal’s tactics weren’t the only thing that lacked sophistication; they also failed to effectively cover their tracks. “It seems the perpetrator established and tested the infrastructure prior to launching the campaign using their email, IP address, and other personal information. This data points to an individual located in Israel,” revealed the experts from Cybernews.
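The researchers' point that static analysis exposed the collection behaviour can be applied on the defensive side by triaging an extension's manifest.json before it is installed or allowlisted. The script below is an added example, not Cybernews tooling and not code from the extension: it checks a manifest for the three capabilities described above (browsing history, page content on every site, screenshots). The sample manifests and the `audit_manifest` helper are constructed for illustration, and the real extension's manifest is not reproduced on this page.

```python
import json

# Host patterns that grant access to every site.
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}
# Permissions that let an extension capture what is on screen.
CAPTURE_PERMS = {"activeTab", "tabCapture", "desktopCapture"}


def audit_manifest(manifest: dict) -> dict:
    """Report which of the three described capabilities a manifest requests."""
    perms = set(manifest.get("permissions", []))
    # MV3 lists host patterns separately; MV2 mixes them into "permissions".
    hosts = perms | set(manifest.get("host_permissions", []))
    # Content scripts injected on every page can read forms, logins included.
    injected = set()
    for script in manifest.get("content_scripts", []):
        injected |= set(script.get("matches", []))

    caps = {
        "browsing_history": "history" in perms,
        "page_content_all_sites": bool((hosts | injected) & BROAD_HOSTS),
        # chrome.tabs.captureVisibleTab needs <all_urls> or activeTab.
        "screenshots": "<all_urls>" in hosts or bool(perms & CAPTURE_PERMS),
    }
    # All three together match the data collection the article describes.
    caps["review_required"] = all(caps.values())
    return caps


# Constructed sample manifests (not taken from any real extension).
SAMPLE_BROAD = json.loads("""{
  "manifest_version": 3, "name": "Example Wallet",
  "permissions": ["history", "tabs", "storage", "activeTab"],
  "host_permissions": ["<all_urls>"],
  "content_scripts": [{"matches": ["<all_urls>"], "js": ["content.js"]}]
}""")
SAMPLE_NARROW = {
    "manifest_version": 3, "name": "Example Notes",
    "permissions": ["storage"],
    "host_permissions": ["https://notes.example/*"],
}

if __name__ == "__main__":
    for sample in (SAMPLE_BROAD, SAMPLE_NARROW):
        print(sample["name"], audit_manifest(sample))
```

A manifest that requests all three is not proof of malice, but it is the point at which the extension's scripts should be read for where the collected data is sent.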
Current Status of the SpiderX Wallet
The Chrome Web Store has since removed the SpiderX extension. However, this instance of fraud is not likely to be an isolated case. Depending on the level of professionalism behind such scams, it may be exceedingly difficult for individuals to spot fake emails. Here are some precautionary measures you can take:
- Avoid clicking on links in emails that claim urgency.
- Do not follow instructions in emails that suggest installing extensions or other software.
- Look out for spelling mistakes, incorrect contact details, or errors in company logos, as these can indicate a fraudulent email.
- If in doubt, call the company directly using the phone number listed on their official website to verify if they sent you an email.
These protective strategies are crucial in today’s digital landscape, where cybersecurity threats are rampant. Being informed and vigilant can save you from potential losses and scams.