Windows malware dubbed Razy has been uncovered that sports a toolbox of cryptocurrency theft and fraud tools. Razy works by weaponizing browser extensions in order to perpetrate a range of online scams on unwitting victims. The malware targets victims in multiple, sneaky ways as they move around the web. It can search for addresses of the victim s cryptocurrency wallets on websites and replace them with the attacker’s wallet details, researchers said. In the fourth quarter of 2018, Kaspersky Lab found Razy residing on about 37,000 computers.
Source: https://threatpost.com/razy-browser-extensions-theft/141181/