
Owners of digital assets, like the cryptocurrency world itself, are increasingly falling victim to cybercriminals. Whereas just a few years ago the main threats were crude phishing emails, Trojans and viruses, today fraudsters actively use artificial intelligence to build sophisticated cryptocurrency theft schemes. One of the most dangerous scenarios is malicious software disguised as a Google Chrome update.
Increasingly, hackers steal cryptocurrency not with fake crypto wallets but with fake app updates. They disguise malicious software as Chrome browser updates or as AI apps for working with ChatGPT, Gemini or DeepSeek. There have been cases where an AI extension turned into spyware after an update: it began collecting data and downloading malicious code from remote servers with the aim of finding and stealing seed phrases.
Although hackers attack MetaMask, Ledger, Coinbase Wallet and Trust Wallet with enviable regularity, experts assure us that there is no substantial evidence that AI ‘independently steals cryptocurrency’; it is merely a tool. Artificial intelligence helps cybercriminals create convincing phishing sites and personalise attacks.
In 2025, security experts discovered fake “DeepSeek installers” which, once installed, deployed hidden cryptocurrency miners, keyloggers and malware to steal crypto wallets. They emphasise that artificial intelligence has become a tool which, unfortunately, has made network cyberattacks significantly easier to scale.
The device is compromised when a user receives a message about the need for an urgent browser update and clicks the ‘Update’ button, after which a Trojan or RAT is installed on the computer.
Unlike ordinary viruses, Trojans and malicious browser extensions steal crypto wallet authorisation tokens, browser sessions, private keys, cookies and seed phrases.
A Remote Access Trojan (RAT) gives the hacker full remote control over the device. Acting as an ‘invisible’ administrator, the RAT operates in real time in the background.
A hidden miner uses the CPU and graphics card in the background to mine cryptocurrency. Cryptojacking does not usually steal personal data, but it forces computing resources to operate at their limits, which puts a significant strain on the hardware.
Regular updates to official applications are critical for the security of digital assets, as they patch security vulnerabilities through which hackers could gain control of a browser or crypto wallet. Most companies, including Google, regularly release patches that reduce the risk of zero-day attacks, fix bugs and close vulnerabilities.
Experts recommend following a few basic rules of digital hygiene:
download Chrome and its updates only from official sources;
always check the permissions of browser extensions;
regularly update your browser, antivirus software and operating system;
do not install little-known AI extensions;
use two-factor authentication;
store large amounts of cryptocurrency in ‘cold’ wallets.
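
To make the rule about checking extension permissions concrete, here is an added example (not from the original article or any vendor tool) that audits an extension's manifest.json for the access a wallet stealer would need. The watch-list, the finding labels and the sample manifest are assumptions constructed for illustration.

```python
import json

# Assumed watch-list (not exhaustive): Chrome extension permissions that enable
# the theft behaviours described above.
RISKY_API = {
    "cookies": "read session cookies and auth tokens",
    "webRequest": "observe network requests",
    "clipboardRead": "read copied seed phrases or addresses",
    "scripting": "inject scripts into pages",
    "nativeMessaging": "talk to programs outside the browser",
}
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}

def audit_manifest(manifest: dict) -> list[str]:
    """Return human-readable findings for one parsed manifest.json."""
    findings = []
    perms = manifest.get("permissions", []) + manifest.get("optional_permissions", [])
    # Manifest V3 lists hosts separately; content scripts carry their own match patterns.
    hosts = manifest.get("host_permissions", []) + manifest.get("optional_host_permissions", [])
    for script in manifest.get("content_scripts", []):
        hosts += script.get("matches", [])
    for perm in (p for p in perms if isinstance(p, str)):
        if perm in RISKY_API:
            findings.append(f"api:{perm} ({RISKY_API[perm]})")
        elif "://" in perm or perm == "<all_urls>":
            hosts.append(perm)  # Manifest V2 mixes host patterns into "permissions"
    broad = sorted(set(hosts) & BROAD_HOSTS)
    if broad:
        findings.append("hosts:all-sites (" + ", ".join(broad) + ")")
    # CSP is a string in V2 and an object in V3; 'unsafe-eval' lets strings run as code.
    csp = manifest.get("content_security_policy", "")
    csp_text = " ".join(csp.values()) if isinstance(csp, dict) else csp
    if "unsafe-eval" in csp_text:
        findings.append("csp:unsafe-eval (dynamic code execution allowed)")
    return findings

# Constructed sample manifest for a hypothetical "AI helper" extension.
SAMPLE = json.loads("""{
  "manifest_version": 2,
  "name": "Example AI Helper",
  "version": "1.0",
  "permissions": ["storage", "cookies", "clipboardRead", "<all_urls>"],
  "content_scripts": [{"matches": ["https://*/*"], "js": ["inject.js"]}],
  "content_security_policy": "script-src 'self' 'unsafe-eval'; object-src 'self'"
}""")

if __name__ == "__main__":
    print("\n".join(audit_manifest(SAMPLE)))
```

A finding is a prompt to ask whether the extension's stated purpose justifies that access, and the check is worth repeating after an extension updates, since permissions can change between versions.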