Google Chrome Extension Caught Stealing Bitcoin From Users

An anonymous reader writes: Bitcoin exchange portal Bitstamp is warning users of a Google Chrome extension that steals their Bitcoin when making a transfer. According to Bitstamp, this extension contains malicious code that is redirecting payments to its own Bitcoin address. Bitcoin web app developer Devon Weller confirmed Bitstamp's findings, saying that the extension was secretly replacing Bitcoin QR codes with its own. The extension's name is BitcoinWisdom Ads Remover and is still available on the Google Chrome Web Store. In July 2015, many users reported having similar issues with the same extension.

Re:NEWs...the point is it's supposed to be NEW

[NotInHere]

The NEWS here is that its still available for download, on march 12 2016.

Re:NEWs...the point is it's supposed to be NEW

[hercludes]

Exactly, I'm not one to judge whether something should be on Slashdot or not, but even I have to concede that this seems wildly out of place. The plug-in itself has only 5 ratings and 94 users, maybe if there were 100,000 users or something this would be relevant, but the app is clearly dead at such low statistics. Not to mention the functionality is completely pointless, "blocks ads from bitcoinwisdom.com" -- do people just have a unique extension to block ads for each site they visit? Such a weird story to find on Slashdot.

why not ABP ?

[thygate]

Adblock Plus also blocks all the advertisements on bitcoinwisdom, so why would anyone bother with this extension ?

Re:Should Google aim their penises while they piss

[andymadigan]

This extension does something completely different than what it claims to do, and makes no mention of this extra "feature". That should be enough to have it taken down. Google has made it essentially impossible to install extensions from outside their "store". If Google makes no representations about the quality or safety of the extensions in the store, then why not let sites host the extensions themselves?

There's practically no information in the store to base a decision on other than the name of the author and a description. If extensions were hosted on their own sites you could at least know what organization created the extension by verifying the HTTPS cert of the site. With the store model you're trusting Google to verify the information in the store.