Security firm Koi has identified over 40 fake cryptocurrency wallet extensions on the Firefox add-on store, impersonating popular wallets like MetaMask and Coinbase Wallet. These malicious extensions are designed to steal sensitive information, such as mnemonics, by capturing input data exceeding 30 characters through event monitoring code. The stolen data is then transmitted to the attackers' servers. The phishing operation, believed to be orchestrated by a Russian hacker group, has been active since at least April 2025.
Over 40 Fake Crypto Wallet Extensions Found on Firefox Store
Disclaimer: The content provided on Phemex News is for informational purposes only. We do not guarantee the quality, accuracy, or completeness of the information sourced from third-party articles. The content on this page does not constitute financial or investment advice. We strongly encourage you to conduct you own research and consult with a qualified financial advisor before making any investment decisions.