Browser extensions can help hackers to steal your cryptocurrencies warns Casa CEO Jeremy Welch.
"Browser extensions pose significant risks, and those risks have not been discussed so far," Welch said.
"Make sure you do not report the addresses Bitcoin you anywhere, ”Welch warned.
Another thing to keep in mind is that some extensions record the information KYC users and can leak into scammers. The only major multisig system that requires KYC at this time is that provided by Unchained Capital, Welch said. Warns about sharing software that collects identity data.
For example, Welch showed how a browser extension that provides wallpapers with inspirational quotes or other content actually steals data as you fill out the KYC forms. The malware steals graphic data, such as a driver's license photo, which is recorded as a code and then easily decoded, providing a true picture of your ID in a hackers.
Audio data theft
They happen in the background, without the user noticing.
The same wallpaper extension can change a download address when you try to send cryptocurrencies to someone (or yourself), sending them instead to the hacker's wallet. The popularity of browser extensions makes the situation quite dangerous, Welch notes.
Even though a user is very careful and selective about what he / she is using, the software can be upgraded to obtain new, unsafe features without paying attention.
Welch pointed out that many well-known applications collect personal data, including password managers, Grammarly text editing app, Joule extension for in-browser Lighting transactions and Lolli bitcoin-earning extension.
The solution? It's not easy. Developers can only create better tools that will make the user experience safer and better.