Fake Firefox Extensions Mimic Crypto Wallets to Steal Seed Phrases

 

Over 40 deceptive browser extensions available on Mozilla Firefox’s official add-ons platform are posing as trusted cryptocurrency wallets to steal user data, according to security researchers. These malicious add-ons are camouflaged as popular wallet brands such as MetaMask, Coinbase, Trust Wallet, Phantom, Exodus, MyMonero, OKX, and Keplr. 

Behind their familiar logos and fake five-star reviews lies code designed to exfiltrate wallet credentials and seed phrases to servers controlled by attackers. Cybersecurity firm Koi Security, which discovered this threat campaign, suspects a Russian-speaking hacking group is responsible. In a report shared with BleepingComputer, the firm revealed that the fraudulent extensions were modified versions of legitimate open-source wallets, altered to include stealthy monitoring code. 

These extensions monitor browser input for strings that resemble wallet keys or recovery phrases — often identified by their length and character patterns. Once such sensitive input is detected, the information is covertly sent to attackers. To avoid suspicion, the extensions suppress error messages or alerts by rendering them invisible. The most critical data targeted are seed phrases — multi-word recovery codes that serve as master keys for crypto wallets. Anyone with access to a seed phrase can irreversibly drain all assets from a user’s wallet. 

The campaign has reportedly been active since at least April 2025, and new malicious add-ons continue to appear. Some were added as recently as last week. Despite Mozilla’s efforts to flag and remove such add-ons, Koi Security noted that many remained live even after being reported through official channels. The fake extensions often feature hundreds of fraudulent five-star reviews to build trust, although some also have one-star ratings from victims warning of theft. 

In many cases, the number of reviews far exceeds the number of downloads — a red flag missed by unsuspecting users. Mozilla responded by confirming that it is aware of ongoing threats targeting its add-ons ecosystem and has already removed many malicious listings. The organization has implemented a detection system that uses automated tools to flag suspicious behavior, followed by manual review when necessary.

In a statement to BleepingComputer, Mozilla emphasized its commitment to user safety and stated that additional measures are being taken to improve its defense mechanisms. As fake wallet extensions continue to circulate, users are urged to verify the authenticity of browser add-ons, rely on official websites for downloads, and avoid entering recovery phrases into any untrusted source.
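The listing-level red flags described above (a wallet brand name on an add-on from an unexpected publisher, and more reviews than users) can be checked mechanically when auditing installed or proposed add-ons. The following is an added example, not code from Koi Security or Mozilla; the publisher IDs are placeholders, the listing records are constructed, and the polarized-ratings threshold is an assumption.

```javascript
// Added example. Brand names come from the article; the publisher IDs are
// placeholders to replace with identities you have verified yourself.
const OFFICIAL_PUBLISHERS = {
  metamask: ["PLACEHOLDER-metamask"], coinbase: ["PLACEHOLDER-coinbase"],
  trustwallet: ["PLACEHOLDER-trustwallet"], phantom: ["PLACEHOLDER-phantom"],
  exodus: ["PLACEHOLDER-exodus"], mymonero: ["PLACEHOLDER-mymonero"],
  okx: ["PLACEHOLDER-okx"], keplr: ["PLACEHOLDER-keplr"],
};

// Fold case, spacing and punctuation so "Trust-Wallet" or "Meta Mask" still match.
function normalize(text) {
  return text.normalize("NFKD").toLowerCase().replace(/[^a-z0-9]/g, "");
}

// Return the list of red flags raised by one add-on listing record.
function triageListing(listing) {
  const flags = [];
  const name = normalize(listing.name);
  for (const [brand, publishers] of Object.entries(OFFICIAL_PUBLISHERS)) {
    if (name.includes(brand) && !publishers.includes(listing.publisher)) {
      flags.push(`brand-impersonation:${brand}`);
    }
  }
  // Red flag named in the article: more reviews than users.
  if (listing.reviews > listing.users) flags.push("reviews-exceed-users");
  // Assumed heuristic: ratings only at the extremes (bulk five-star reviews
  // plus a few one-star warnings from victims, nothing in between).
  const stars = listing.stars;
  const middle = stars[2] + stars[3] + stars[4];
  if (middle === 0 && stars[1] > 0 && stars[5] >= 10 * stars[1]) {
    flags.push("polarized-ratings");
  }
  return flags;
}

// Constructed sample listings (not real add-ons).
const SAMPLE_LISTINGS = [
  { name: "MetaMask – Crypto Wallet", publisher: "wallet-dev-2025", users: 120,
    reviews: 340, stars: { 1: 5, 2: 0, 3: 0, 4: 0, 5: 335 } },
  { name: "Keplr", publisher: "PLACEHOLDER-keplr", users: 50000,
    reviews: 800, stars: { 1: 60, 2: 40, 3: 50, 4: 150, 5: 500 } },
  { name: "Trust Wallet Helper", publisher: "unknown-dev", users: 5000,
    reviews: 30, stars: { 1: 1, 2: 2, 3: 3, 4: 4, 5: 20 } },
];

for (const l of SAMPLE_LISTINGS) console.log(l.name, "=>", triageListing(l));
```

A flag is a prompt for manual review, not a verdict: a legitimate companion add-on can carry a brand name, and a listing with clean metadata can still ship malicious code.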

Fake ChatGPT Chrome Extension Targets Facebook Accounts

 

As ChatGPT becomes increasingly well-known, more and more individuals want to use the cutting-edge chatbot. In turn, this makes them a desirable target for cybercriminals.

This time around, hackers are using a browser extension called "Quick access to Chat GPT" as a ruse to trick unwary users, according to a recent blog post from the online privacy company Guardio. A while back, fake ChatGPT apps were used to spread malware and steal passwords. Unlike those other fraudulent ChatGPT apps, however, this extension, which has since been taken down from the Chrome Web Store, genuinely provides users access to the chatbot.

The extension does this while also stealing every cookie saved in your browser, including security and session tokens for websites like YouTube, Twitter, and even your Google account. With this information, the hackers behind the extension can access your online accounts and steal your passwords, although the primary target of the extension is Facebook accounts.

Targeting prominent Facebook business accounts 

The hackers who created the extension, according to CyberNews, are closely monitoring people who have prominent Facebook business accounts. This makes sense considering how lucrative LinkedIn and Facebook Business accounts may be, and how frequently attackers target them. 

Those who install the extension will not only have their Facebook accounts compromised but also have bots utilise them to promote "Easy access to Chat GPT" even further.

Even worse, the hackers behind this effort have discovered a means to get around Facebook's security by renaming queries made through Meta's Graph API to the social media platform's servers. This allows them to handle a victim's "linked WhatsApp and Instagram accounts" according to Guardio's security analysts. 

You must exercise extreme caution while downloading and installing new browser extensions because so much of our daily activities now take place online. Bad extensions can manage to evade detection, just like malicious programmes. For this reason, before downloading an extension, you should always check its rating and reviews on the Chrome Web Store. When you click "Add to Chrome," you should, however, search for external evaluations on other websites or even videos that demonstrate an extension in use.

How to use ChatGPT securely and safely

The most recent trends are well known to hackers, who exploit them to develop fresh phishing schemes and other intrusions. In order to encourage you to click or download something, companies typically aim to create a sense of urgency, but in this case, ChatGPT has already done the legwork for them. 

The only option to skip the line and gain early access to ChatGPT is to pay $20 per month for ChatGPT Plus or to fulfil all conditions to gain early access to Microsoft's Bing with ChatGPT. 

There isn't an official browser plugin for ChatGPT yet. Indeed, "chat.openai.com" is the only place where you may now access OpenAI's chatbot online. It's possible that this will change in the future, and if it does, there will be several announcements and news stories regarding the new ChatGPT access method. 

You should probably make sure that the best antivirus software is loaded on your PC or the best Mac antivirus software is installed on your Apple computer if you're the impatient type who searches for quick ways to access ChatGPT. This will protect you from malware and other viruses if you encounter fraud similar to the one described above.

Hackers will probably continue to develop new strategies that use the well-known chatbot as bait until ChatGPT is accessible to anybody without needing to join a waitlist or wait in a queue.