Malvertising campaigns that are spreading malicious browser extensions are abusing Google Ads and well-known cryptocurrency brands to draw in victims. Researchers from MyCrypto recently found several fake extensions that purported to be of use to cryptocurrency users, for offer inside Google s web store (now removed) In reality, they harvested information that could be used to take over crypto-wallets and drain accounts specifically, mnemonic phrases, private keys and keystore files. The extensions impersonated legitimate brands, including Electrum, Exodus, Jaxx, KeepKey, Ledger, MetaMask, MyEtherWallet and Trezor.
Source: https://threatpost.com/malicious-google-web-extensions-cryptowallet/154832/