A recent report by Koi Security reveals that over 40 fraudulent extensions for Mozilla Firefox are part of a malware campaign aimed at stealing cryptocurrencies. These phishing tools mimic popular wallet applications like Coinbase, MetaMask, and Trust Wallet. Once users install these malicious extensions, they are designed to capture wallet credentials. Koi Security noted that this campaign has been active since at least April, with new extensions appearing as recently as last week. The extensions extract sensitive information from targeted websites and send it to a server controlled by the attackers. To gain user trust, the fake extensions use identical names, logos, and even fake five-star reviews. Although attribution is uncertain, indicators suggest involvement from a Russian-speaking threat actor, based on language found in the code. Koi Security advises users to only install extensions from verified sources and to monitor for unusual behavior to mitigate risks. Read more AI-generated news on: https://app.chaingpt.org/news