Browser Extensions Can Steal KYC Data, Alter BTC Transactions

According to Casa CEO Jeremy Welch, Innocent-seeming browser extensions can be used by hackers to steal your data.

Crypto thieves are nothing if not creative. Social engineering, cryptojacking, viruses, phishing, exit scams, honey pots–all of these are an all-too-common part of the cryptocurrency landscape. Now, crypto hackers may have found yet another way to illicitly gain access to your coins: browser extensions.

According to Casa CEO Jeremy Welch, who spoke at the Baltic Honeybadger conference over the weekend, “browser extensions impose major risks, and these risks haven’t been discussed until this point.” Casa is a cryptocurrency custody firm that specializes in building multi-signature solutions for high-volume hodlers.

London Summit 2019 Launches the Latest Era in FX and Fintech – Join Now

Suggested articles

Pure Markets' CEO Talks Business Model, 2020 OutlookGo to article >>

Browser extensions can covertly steal KYC data, alter Bitcoin transactions

Indeed, regardless of your browser settings extensions may have the ability to “spy” on you and gather a wealth of personal data–data that can be accessed and used by malicious forces. For example, scammers who gain access to browser history may use it to target internet users who frequent online cryptocurrency exchanges or access their cryptocurrency wallets through the web.

Browser extensions can also be used to gather KYC information: name, birthdate, address, even social security numbers. Welch specifically mentioned that this data could be used to access multi-signature wallets supplied by US-based custody service Unchained Capital, which asks for KYC information. Finance Magnates reached out to Unchained Capital, but the company had not responded at press time.

CoinDesk reported that Welch then demonstrated how an extension that had the expressed purpose of providing wallpapers with inspiring quotes would identify and steal personal data as internet users filled in KYC forms: “the malware stole graphical data, like a photo of your driver’s license, which is captured as a code and then easily decoded, providing an actual picture of your ID document to hackers.

The same wallpaper extension was also capable of altering receiving cryptocurrency addresses for Bitcoin wallets so that transactions sent through online wallets would be received by hackers.

Welch said that there’s no easy solution to this particular problem, but that it’s something that developers need to be aware of “we all need to be discussing this issues more, because we’re not even in the phase yet when real attacks will be taking place.”

Finance Magnates interviewed Casa’s head of strategy, Alena Vranova, earlier this year. To hear that interview, click here.

Got a news tip? Let Us Know