On Wednesday, 24 August, KuCoin, a well-known crypto exchange, updated its followers on Twitter about the malicious link. The team warned users to not download any suspicious extensions.
Now, the attackers seem to have designed web extensions to steal digital assets. When a user downloads the Google Sheets extension, it replaces the user’s withdrawal address with the attacker’s own.
Lastly, always remain updated with the latest news because most security teams warn users before the actual attack takes place.