Here’s the rephrased article with a techno-journalistic voice and SEO integration:
Chrome Extension Breach Exposes 500,000 Users to Crypto Key Theft
A malicious update to the widely used Chrome proxy extension SwitchyOmega has been discovered stealing private keys from cryptocurrency wallets, putting over 500,000 users at serious risk, cybersecurity firm SlowMist has reported.
Stay in the know on crypto by frequently visiting Crypto News Today
According to the March 12 security alert, the breach originated from a phishing attack targeting an employee at Cyberhaven, an AI-driven data security company. Attackers sent a deceptive email claiming that Cyberhaven’s browser extension was in violation of Google’s policies and at risk of removal unless immediate action was taken.
CryptoCaster Quick Check:
By exploiting this social engineering attack, the hackers compromised Cyberhaven’s OAuth credentials, allowing them to inject malicious code into SwitchyOmega. The infected version (24.10.4) was then uploaded to the Chrome Web Store. As the extension automatically updated, thousands of unsuspecting users unknowingly installed the compromised software—exposing their private keys and mnemonic phrases to potential theft.
While the full extent of the damage remains unclear, SlowMist urges affected users to immediately verify their installed extension IDs against the official version to determine whether they have the tainted release.
This incident highlights a growing cyber threat targeting crypto traders via browser extensions. In September 2024, cybersecurity analysts at Group-IB reported that the Lazarus Group, a North Korean state-backed hacking syndicate, had escalated its focus on browser-based attack vectors, including fake video apps and malicious plugins, to infiltrate the digital asset industry. With cybercriminals increasingly exploiting browser vulnerabilities, SlowMist recommends crypto users conduct regular security audits, enable two-factor authentication, and avoid clicking suspicious links to mitigate risks.
Adding to the surge in cyber threats, Lazarus Group recently launched a supply chain attack deploying six malicious npm packages designed to steal credentials and siphon cryptocurrency data. According to the Socket Research Team, the hackers leveraged BeaverTail malware to infiltrate developer systems and extract sensitive user information.
With browser-based threats on the rise, crypto users must remain vigilant against evolving attack techniques that put digital assets at risk.
If this article brought you clarity, insight, or value—support the work that made it possible.
At CryptoCaster, we report on Web3, crypto markets, and institutional finance with no billionaire owners, no shareholders, and no hidden agenda. While mainstream media bends toward Elon Musk, BlackRock, and JPMorgan narratives, we stay focused on what matters: truth, transparency, and the public interest.
We don’t just cover the headlines—we investigate the power structures behind them. From FTX and Ripple to the quiet push for CBDCs, we bring fearless reporting that isn’t filtered by corporate interests.
CryptoCaster is 100% paywall-free. Always has been. To keep it that way, we depend on readers like you.
If you believe independent crypto journalism matters, please contribute—starting at just $1 in Bitcoin or Ether. Wallet addresses are below.
Your support keeps us free, bold, and accountable to no one but you.
Thank you,
Kristin Steinbeck
Editor, CryptoCaster
Please Read Essential Disclaimer Information Here.
© 2024 Crypto Caster provides information. CryptoCaster.world does not provide investment advice. Do your research before taking a market position on the purchase of cryptocurrency and other asset classes. Past performance of any asset is not indicative of future results. All rights reserved.
Contribute to CryptoCaster℠ Via Metamask or favorite wallet. Send Coin/Token to Addresses Provided Below.
Thank you!
BTC – bc1qgdnd752esyl4jv6nhz3ypuzwa6wav9wuzaeg9g
ETH – 0x7D8D76E60bFF59c5295Aa1b39D651f6735D6413D
CRYPTOCASTER HEATMAP
