Google has removed another batch of Chrome extensions that had been impersonating popular crypto wallet services like Ledger and MetaMask, a month after removing nearly 50, according to the security firm Sophos.
On Friday, Naked Security, a news site maintained by Sophos, reported that Google has taken down 22 more malicious extensions identified by Harry Denley, a security researcher at the wallet service MyCrypto. Apparently these scammy extensions are popping up as fast as they are getting deleted. Just last month, the company removed 49 similar impersonators after Denley flagged them in a blog post.
Denley found that these extensions were falsely claiming to be affiliated with MyEtherWallet, Trezor, and Electrum in addition to Ledger and Metamask. For instance, a fake extension might create a user experience that is exactly identical to one of these services in order to trick users into giving up their private keys and mnemonic phrases.