Fake Firefox extensions aim to steal cryptocurrency wallets
Bitget2025/07/03 18:50- Over 40 fake extensions compromise cryptocurrency wallets
- Criminals use wallet names like MetaMask and Coinbase
- Attacks remain active and threaten Firefox users
Cybersecurity experts have identified more than 40 malicious extensions in the Firefox browser designed to steal cryptocurrency wallet credentials. According to a report released by Koi Security, the criminals behind the operation use the names of popular platforms, such as Coinbase, MetaMask and Trust Wallet, to deceive users and collect sensitive information.
🚨 Watch out, crypto enthusiasts! Over 40 fake Firefox extensions mimicking popular wallets have been found. These phishing scams are after your private keys! Check your extensions and stay safe. 🔐 #CryptoSecurity #PhishingAlert
— ₿itBlitz (@BitBlitz) July 3, 2025
These fake extensions pose as legitimate digital wallet tools and, once installed, secretly extract sensitive data from users, exposing digital assets to theft risks. In addition to the aforementioned, other affected brands include Phantom, Exodus, OKX, MyMonero, Bitget, Leap and Keplr.
According to report , the campaign has been active since at least April 2025, with new malicious extensions being uploaded to the Firefox Add-ons Store as recently as last week. The continued activity suggests a persistent operation, with the ability to adapt and update.
To increase the credibility of the fake extensions, the attackers used fake reviews with five-star ratings. Many of the extensions had hundreds of reviews simulating positive experiences, which increased the likelihood of being installed by unsuspecting users.
Koi Security also found clues that indicate the possible involvement of a Russian-speaking cybercriminal group. Fragments of code with comments written in Russian and metadata extracted from files hosted on the servers used in the operation reinforce this suspicion. “While not conclusive, these artifacts suggest that the campaign may have originated from a Russian-speaking cybercriminal group,” the report states.
The security firm emphasizes that the campaign is ongoing, with active extensions still available in the official store. Cryptocurrency wallet users should be extra careful when installing any add-on in Firefox, checking official sources and the authenticity of the tool.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Investors Chase Mutuum Finance as DeFi Disruption Unfolds
- Mutuum Finance (MUTM), a DeFi project with a hybrid P2C/P2P lending model, is gaining traction as a potential bull market altcoin. - Its Stage 6 presale has raised $15M+ with 15,720+ investors, featuring a $0.035 token price set to rise 14.29% in Stage 7. - MUTM plans an Ethereum-based stablecoin with a 95.0 CertiK trust score and offers $150K in incentives for security testing and token giveaways. - Analysts highlight MUTM's sustainable tokenomics and ecosystem growth as disruptive factors in DeFi, draw
Pudgy Penguins (PENGU): Buy-the-Dip Opportunity Amid ETF Delays and Price Correction
- Pudgy Penguins (PENGU) faces short-term price declines but shows oversold technical indicators and key support levels near $0.03618. - Fundamental catalysts include utility expansion via Pudgy Party game, $13M in physical toy sales, and institutional NFT adoption by BTCS Inc. - Regulatory uncertainty from delayed Canary PENGU ETF creates asymmetric risk/reward, with potential institutional liquidity if approved by October 2025. - Contrarian investors see buy-the-dip opportunities as on-chain data shows r
MBOX -585.37% in 24 Hours Amid Volatile Market Conditions
- MBOX plummeted 585.37% in 24 hours to $0.0599, showcasing extreme volatility amid sharp 736% weekly decline. - Despite 1028.57% monthly rebound, year-to-date drop of 6963.82% highlights asset's unpredictable price swings and high-risk profile. - Technical analysis reveals breakdown below key support levels with no buying pressure, reinforcing bearish sentiment across markets. - Analysts warn next critical support below $0.05 could trigger further erosion, with momentum indicators showing deteriorating de
Layer Brett’s Staking Rewards Outpace Meme Coin Giants
- Analysts highlight Layer Brett ($LBRETT) as a top 2025 meme coin, leveraging Ethereum Layer 2 tech for fast transactions and low fees. - Offering 55,000% APY staking rewards and a fixed 10B token supply, it outpaces FLOKI and WIF in utility and scalability. - FLOKI faces a 25% price drop, while WIF struggles with retracement, lacking Layer Brett's infrastructure and community-driven growth. - Emerging projects like DeepSnitch AI aim to blend meme culture with fraud detection tools, but Layer Brett remain
Trending news
MoreCrypto prices
More
