A recent report by Koi Security reveals a major cyberattack targeting cryptocurrency users through fake Firefox extensions.
Discovered Fake Extensions
More than 40 bogus Firefox extensions have been uploaded to the Mozilla Add-ons Store. These malicious extensions impersonate widely used wallets, such as MetaMask, Keplr, and Coinbase Wallet, using the same logos and names, as well as cloned codebases. Malicious code is hidden in seemingly harmless files. The goal of these extensions is to steal wallet credentials, including seed phrases and private keys from users.
Precautionary Measures
Cybersecurity experts including SlowMist advise users not to rely solely on ratings and branding when installing extensions. Users should verify the publishers' identity and be aware of the risks associated with downloading extensions.
Need for Verification
SlowMist stresses that such extensions must be treated as full-fledged software, and proper vetting should be conducted to prevent fraudsters from exploiting gullible users.
The rise of fraud through fake browser extensions highlights the need for stricter oversight and verification to protect cryptocurrency users.
