Google has removed 49 Chrome browser extensions from its Web Store that contained malicious code to siphon off sensitive information and empty the digital currencies. The malicious extensions are phishing for secrets, mnemonic phrases, private keys, and keystore files. Researchers from MyCrypto and PhishFort identified the malicious add-ons as potentially the work of Russian threat actors. The extensions were removed within 24 hours after they were reported to Google and began to appear on the Web Store as early as February 2020.
Source: https://thehackernews.com/2020/04/chrome-cryptocurrency-extensions.html