Ethereum users have faced a new threat: **a malicious Chrome extension** is actively stealing seed phrases of cryptocurrency wallets. According to antivirus company **Malwarebytes**, a plugin called *“ETH Wallet Manager”* (now removed from the Chrome Web Store) disguised itself as a legitimate asset management tool, but in reality, it read data from the browser's local storage.
The mechanism is simple: after installing the extension, it gained access to **localStorage** and **IndexedDB**, where the seed phrases of MetaMask, Trust Wallet, and other wallets are stored. The data was sent to a remote server in encrypted form. It is estimated that **over 12,000 users** were affected, and the losses exceed **$2.3 million in $ETH **.
Experts warn: **never enter your seed phrase into browser extensions**. It is recommended to use hardware wallets (Ledger, Trezor) and check extensions through **CRXcavator** or **VirusTotal**. Google has already tightened moderation, but the risk remains.
This is not the first case: similar attacks were recorded in 2022–2023. Protection is the only way to keep assets safe.
#Ethereum #ETH #CryptoSecurity #SeedPhraseSafety #ChromeExtension #Web3 #MiningUpdates
**Subscribe to #MiningUpdates ** — current threats and protection in crypto daily!
