<p><span style="font-weight: 400;">Google has removed another batch of Chrome extensions that had been impersonating popular crypto wallet services like Ledger and MetaMask, a month after removing nearly 50, according to </span><span style="font-weight: 400;">the security firm Sophos.</span></p> <p><span style="font-weight: 400;">On Friday, Naked Security, a news site maintained by Sophos, </span><a href="https://nakedsecurity.sophos.com/2020/05/08/more-crypto-stealing-chrome-extensions-swatted-by-google/"><span style="font-weight: 400;">reported </span></a><span style="font-weight: 400;">that Google has taken down 22 more malicious extensions identified by Harry Denley, a security researcher at the wallet service MyCrypto. Apparently these scammy extensions are popping up as fast as they are getting deleted. </span><span style="font-weight: 400;">Just last month, the company removed 49 similar impersonators after Denley flagged them in <a href="https://medium.com/mycrypto/discovering-fake-browser-extensions-that-target-users-of-ledger-trezor-mew-metamask-and-more-e281a2b80ff9">a blog post.</a></span></p> <p>Denley found that these extensions were <span style="font-weight: 400;">falsely claiming to be affiliated with MyEtherWallet, Trezor, and Electrum in addition to Ledger and Metamask. For instance, a fake extension might create a user experience that is exactly identical to one of these services in order to trick users into giving up their private keys and mnemonic phrases. </span></p>