This weekend during the Baltic Honeybadger conference, Jeremy Welch, CEO of Casa, a provider of cryptocurrency custody solutions, pointed out that browser extensions impose major cybersecurity risks and can be used by hackers to steal cryptocurrencies:
“Browser extensions impose major risks, and these risks haven’t been discussed until this point”
Jeremy Welch has clarified that browser extensions can gather data and use it to steal cryptocurrencies later. According to Welch, it is important, first and foremost, to not “expose your bitcoin addresses anywhere”. Secondly, it is worth remembering that extensions can gather KYC information and leak it to crypto scammers.
The fact that “we are all using browser extensions all the time” makes this issue “terrifying,'' says Welsh. By using a popular extension to create wallpapers with inspiring quotes, he demonstrated how much data could be stolen without the user even noticing it. Therefore, Welsh urged customers to be very selective and attentive to new threats. A more deliberate threats overview can be found in the Wealth Security Protocol by CASA, written by such renowned authors as Jameson Lopp, Jacob Lyles, and Nick Fogle. It starts with a reminder:
“The same features that give cryptocurrency its appeal make cryptocurrency storage hard. Most digital coins feature immutable ledgers and lack a central authority to appeal to in case of theft. Bitcoin is a digital bearer bond, like cash. Once sent, a transaction cannot be canceled or reversed”
Alena Vranova, Former CEO and cofounder of Satoshi Labs and Trezor and Casa Business strategist, tweeted from the presentation to help spread the message: