Dozens of fake wallet add-ons flood Firefox store to drain crypto

[Gandalf_The_Grey]

Content source

https://www.bleepingcomputer.com/news/security/dozens-of-fake-wallet-add-ons-flood-firefox-store-to-drain-crypto/

More than 40 fake extensions in Firefox’s official add-ons store are impersonating popular cryptocurrency wallets from trusted providers to steal wallet credentials and sensitive data.

Some of the extensions pretend to be wallets from Coinbase, MetaMask, Trust Wallet, Phantom, Exodus, OKX, Keplr, and MyMonero, and include malicious code that sends stolen information to attacker-controlled servers.

Researchers at Koi security found the risky extensions along with evidence indicating that behind the campaign is a Russian-speaking threat group.

In a report shared with BleepingComputer, the researchers say that many of these browser add-ons are clones of open-source versions of legitimate wallets with added malicious logic.

Koi Security told BleepingComputer that they reported the findings to the Firefox store using the official reporting tool, but the fake extensions continue to be available at the time of writing.

Dozens of fake wallet add-ons flood Firefox store to drain crypto

More than 40 fake extensions in Firefox's official add-ons store are impersonating popular cryptocurrency wallets from trusted providers to steal wallet credentials and sensitive data.

www.bleepingcomputer.com

 

[oldschool]

This is simply another example of scammers scamming other scammers, making $$$ off of other folks' misery. It's all a scam.

 

[Victor M]

As I posted before, when you use cryptocurrencies, you have to be as diligent as a brick & motar banks' security team. You are targeted by hackers and you are on your own. Banks have a Team.