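A cryptocurrency investor lost $800,000 after falling victim to two malicious Google Chrome extensions. The extensions, named "Sync test beta" and "Simple Game," are believed to have acted as keyloggers, compromising the victim's sensitive information. The incident highlights the importance of keeping Chrome updated and staying alert to suspicious extensions.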
Chrome Extension Attack Siphons $800,000 from Cryptocurrency Investor
A devastating cyberattack has left a cryptocurrency investor reeling after malicious Chrome extensions drained over $800,000 from their digital wallets. The victim, identified only as "Sell When Over" on the social platform X, has sounded the alarm, highlighting the insidious nature of these extensions, which acted as keyloggers.
Discovery of the Breach
The investor initially noticed a $500,000 shortfall in multiple wallet applications, prompting an immediate investigation. They soon realized the full extent of the compromise, amounting to a staggering loss of $800,000. Suspecting a breach in their Google Chrome browser, they delved deeper, uncovering a sinister plot that targeted specific crypto wallet extensions.
Keyloggers Targeting Cryptocurrency Activity
The investor's suspicions were confirmed when they identified two suspicious extensions: "Sync test beta" and "Simple Game." The latter was discovered to be monitoring tab activities and communicating with an external PHP script. A keylogger, the "Sync test BETA" extension, had compromised sensitive information, including wallet seed phrases.
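An added example, not part of the original article or the investor's own tooling: a Python audit that reads each installed extension's `manifest.json` and flags the capabilities described above (observing tab activity, running script on every page where input can be read). The sample manifests are constructed, and the layout `<extension id>/<version>/manifest.json` under a Chrome profile's `Extensions` directory is assumed.

```python
import json
from pathlib import Path

TAB_PERMS = {"tabs", "webNavigation", "history"}        # can watch tab/navigation activity
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}

# Constructed sample manifests (not taken from any real extension).
SAMPLE_BROAD = {"name": "Constructed sample: broad", "manifest_version": 3,
                "permissions": ["tabs", "storage"], "host_permissions": ["<all_urls>"],
                "content_scripts": [{"matches": ["<all_urls>"], "js": ["content.js"]}]}
SAMPLE_NARROW = {"name": "Constructed sample: narrow", "manifest_version": 3,
                 "permissions": ["storage"], "host_permissions": ["https://example.com/*"],
                 "content_scripts": [{"matches": ["https://example.com/*"], "js": ["c.js"]}]}

def audit_manifest(manifest: dict) -> list:
    """Return the reasons a manifest deserves manual review (empty list: none)."""
    reasons = []
    perms = {p for p in manifest.get("permissions", []) if isinstance(p, str)}
    # Manifest V2 lists host patterns inside "permissions"; V3 uses "host_permissions".
    hosts = perms | set(manifest.get("host_permissions", []))
    if perms & TAB_PERMS:
        reasons.append("observes tab activity: " + ", ".join(sorted(perms & TAB_PERMS)))
    if hosts & BROAD_HOSTS:
        reasons.append("host access to every site")
    for cs in manifest.get("content_scripts", []):
        if set(cs.get("matches", [])) & BROAD_HOSTS:
            # Script on every page can see what is typed there, seed phrases included.
            reasons.append("content script on every page: " + ", ".join(cs.get("js", [])))
    return reasons

def audit_profile(ext_dir: Path) -> dict:
    """Audit every <ext_dir>/<extension id>/<version>/manifest.json."""
    findings = {}
    for mf in sorted(Path(ext_dir).glob("*/*/manifest.json")):
        ext_id = mf.parent.parent.name
        try:
            manifest = json.loads(mf.read_text(encoding="utf-8-sig"))
        except (OSError, ValueError):
            findings[ext_id] = ["manifest unreadable"]
            continue
        reasons = audit_manifest(manifest)
        if reasons:
            findings[f"{manifest.get('name', '?')} ({ext_id})"] = reasons
    return findings

if __name__ == "__main__":
    import sys
    root = Path(sys.argv[1] if len(sys.argv) > 1 else ".")
    for label, reasons in audit_profile(root).items():
        print(label, *reasons, sep="\n  - ")
```

A flag here is a prompt for manual review of an extension you do not recognise; many legitimate extensions request the same permissions.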
Circumstances of the Attack
Several weeks prior to the attack, the investor had postponed a Google Chrome update. However, a mandatory Windows update forced a system restart, causing Chrome to relaunch with all tabs gone and extension logins reset. The victim, unaware of the impending danger, re-entered their credentials and manually reimported seed phrases from a separate secure device. Unbeknownst to them, the keylogger had already infiltrated their system, silently siphoning funds in the background.
Missed Red Flags
The victim failed to notice any unusual browser behavior following the restart, with their virus scanner indicating no issues. The subtle nature of the attack, coinciding with a major Chrome update, led them to dismiss the tab reset as a consequence of the software update.
Lessons Learned
The investor has shared their costly experience as a cautionary tale, urging others to remain vigilant against malicious extensions. They emphasized the need for meticulous scrutiny of any anomalies that prompt seed phrase input, advocating for a complete system wipe as a first line of defense.
Ongoing Investigation
The stolen funds have reportedly been transferred to the MEXC and Gate.io exchanges. Law enforcement agencies are investigating the incident, determined to track down the perpetrators responsible for this brazen cybertheft.
Importance of Cybersecurity Awareness
This incident underscores the critical importance of cybersecurity awareness and vigilance in the digital age. Investors, particularly those handling significant crypto assets, must prioritize robust security measures to safeguard their funds. Regular software updates, secure password management, and comprehensive virus protection are essential safeguards against malicious actors lurking in the shadows of the internet.