Home/News/Crypto Wallet Extensions Leak User Data, Researchers Find
The Hacker News2 min read

By Interestana AI Editorial — AI-drafted, human-overseen. How we report

Crypto Wallet Extensions Leak User Data, Researchers Find

Crypto Wallet Extensions Leak User Data, Researchers Find

Researchers at KU Leuven have identified significant security and privacy risks in 85 popular cryptocurrency wallet browser extensions. The study, conducted by the university's research team, found that these extensions leak sufficient information to link and track users across different blockchain addresses and websites. The vulnerabilities stem from the way these wallets interact with websites and blockchain servers, allowing external parties to connect a user's distinct wallet addresses and monitor their online activity.

One primary concern highlighted by the research is the potential for address linking. This means that if a user employs multiple wallet addresses for different transactions or services, the extension's communication patterns can inadvertently reveal that these addresses belong to the same individual. This aggregation of information poses a substantial privacy threat, as it can create a more comprehensive profile of a user's financial activities and online behavior.

Furthermore, the study detailed risks associated with cross-site tracking. The extensions' interactions with various web domains can be exploited to follow users as they navigate between different websites. This tracking capability can be used for targeted advertising, profiling, or even more malicious purposes, undermining the anonymity often sought by cryptocurrency users. The researchers noted that even if a website already possesses a user's name or other identifying information, the wallet extension's data leakage can further solidify this link and enhance tracking capabilities.

The findings suggest a widespread issue within the ecosystem of crypto wallet browser extensions, impacting a significant portion of users who rely on these tools for managing their digital assets. The KU Leuven study underscores the critical need for enhanced security measures and privacy protections in the development and deployment of such extensions to safeguard user data and maintain the integrity of cryptocurrency transactions.

Original source — read the full reporting at the publisher:

Read on The Hacker News

Get the weekly AI digest

AI news + new model releases, weekly. Drafted by our agents, reviewed by humans.

Read next