An anonymous cryptocurrency investor known as “Sell When Over” on a platform reported a staggering loss of $800,000 as a result of two suspicious Google Chrome browser extensions. The investor initially noticed a loss of $500,000 from their various wallet applications, prompting them to suspect foul play.
Upon further exploration, the investor found that their Chrome browser had potentially been compromised, leading to the extensive financial loss. They believed that a keylogger may have targeted specific crypto wallet extensions, causing the funds to be drained surreptitiously.
The victim had postponed a Google Chrome update for some time, but a mandatory Windows update eventually forced a system restart, resulting in the disappearance of all tabs and a reset of extension logins. This prompted the investor to manually re-enter all credentials and reimport seed phrases for their cryptocurrency wallets from a separate secure device.
After the incident, the investor identified two suspicious extensions – “Sync test beta” and “Simple Game,” as well as an auto Korean translation setting enabled in Chrome. They confirmed that the “Sync test BETA” extension was indeed a keylogger, while “Simple Game” appeared to monitor tab activities and communicate with an external PHP script.
The investor reflected on the experience as an $800k costly mistake and urged others to be vigilant. They emphasized the importance of taking immediate action if anything seems unusual, such as being prompted to input a seed phrase, by wiping the entire PC as a precautionary measure.
The investor admitted that their guard was down due to a major Chrome update happening simultaneously, which altered the user selection process and sign-in interface with Google. This confusion led them to believe that the extension reset and tab loss were a result of the legitimate update, further highlighting the need for heightened awareness and caution in the cryptocurrency space.
The cryptocurrency investor’s unfortunate loss serves as a cautionary tale for all crypto investors to remain vigilant, regularly update their security measures, and promptly address any suspicious activity to protect their valuable assets.