Google has removed 49 Chrome extensions from its web store that were targeting the private keys of cryptocurrency wallet holders. 

According to a report by ZDNet, the majority of applications were posing as legitimate cryptocurrency programs, while infecting users with malicious code to gain access to their wallets. 

The extensions were first discovered by Harry Denley, director of security at the MyCrypto platform. According to Denley, the collection of malicious programs appear to have been put together by an individual or hacker group originating from Russia. 

He said, 

Whilst the extensions all function the same, the branding is different depending on the user they are targeting.

The extensions used high-profile cryptocurrency brands such as Ledger, Trezor and Electrum to dupe clients into thinking they were using a proprietary program. 

The report claims the extensions worked “nearly identical” to the real programs. However, user data such as private keys and mnemonic phrases were being logged and delivered to an external server. 

Denley said the hackers were targeting high-value accounts and tied the malicious Chrome extensions to previously reported incidents. 

Featured Image Credit: Photo via