TechFlow news, July 2 — According to BleepingComputer, over 40 malicious browser extensions impersonating popular cryptocurrency wallets have been discovered in the official Firefox add-ons store. The fake extensions mimic well-known wallets such as Coinbase, MetaMask, Trust Wallet, Phantom, Exodus, OKX, Keplr, and MyMonero.
Koi Security research reveals that these malicious extensions monitor user input to steal wallet recovery phrases and private keys, transmitting the data to servers controlled by attackers. Many of the extensions are clones of legitimate open-source wallets but contain added malicious code. Attackers establish trust by using authentic brand logos and numerous fake five-star reviews.




