As the title says, DO NOT in any circumstances install ANY bitcoin price extension to ANY of your browsers.
Why?
I got malware by this way, searching around the web I found out there are numerous people falling into the same trap. Fortunately, I noticed just in time and did not lose any funds, but others were not that lucky.
What does the malware do?
It changes how your clipboard works. Scammer who created this extension injected a javascript file into the extension which detects whether you copied 0x address and if so, it changes the address to HIS address, so you send funds to a different address as originally intended.
Looking at the ethereum and binance smart chain addresses belonging to the scammer I found out he already made ~7500 USD that way.
What should I do?
Uninstall the extension and create a new wallet. Your wallet is not safe enough for daily usage and storing funds. Also, the best is to reinstall your whole system as it is. You can not trust a once compromised operating system, especially when dealing with money.
Is my wallet compromised?
Likely not, it looks like the virus is attacking and changing only the clipboard, but you never know if your wallet is in the hands of a hacker. It is best to create a new wallet and transfer all your funds there.
How do I know it is actually the extension?
Check all your extensions and try to check whether they are still present on Google Chrome store. If not, it means the extension was pulled down by people in Google themselves and was indeed compromised. Shame is, they will not tell you. You need to notice yourself.
Sources:
Many people fell for this trap, check the following links:
1. Reddit Thread - Beware of bitcoin price ticker browser extensions
2. Reddit Thread - What is a good Chrome extension BTC ticker?
3. Reddit Thread - Metamask address copied from clipboard or viewed on bscscan through account details not the same as the one displayed on wallet.
Conclusion:
Always check where your funds are going, and double-check the start and end of each address you are interacting with. It is a good habit to actually memorize a few characters from the start and end of your wallet for each check.
Do not install any extensions related to bitcoin, ethereum, or any other coin. Do not install any helpers, tickers, and do not let the world around you know that you are dealing with crypto at all.
Remember, Chrome web store is an easy access to your computer. The fee to place any extension to the Chrome web store is only $5 and it is one-time. They do not bother even checking the extensions one by one, they just scan it by some A.I. and call it a day. Meaning, there is a lot of malware on the Chrome web store or any other store.
If possible, install Virtual machine client with Windows or Ubuntu ISO and deal with your crypto that way. This way you will be completely immune to any virus lurking inside your current daily installation. I recommend installing VMware player and downloading Ubuntu ISO from their website. Both are free to download and use for personal usage.
Stay safe.
