加密货币钱包
3,056 views
3 Discussing
Hot
Latest
See original
Warning! Hackers are stealing cryptocurrency through counterfeit browser extension applications, with Russian organizations possibly being the masterminds of the attacks.
Recently, cybersecurity company Koi Security revealed a large-scale malicious attack targeting cryptocurrency users, where attackers implemented theft by counterfeiting more than 40 mainstream cryptocurrency wallet Firefox extensions.
These counterfeit extensions closely mimic the interfaces and functionalities of well-known products such as MetaMask, Coinbase Wallet, Trust Wallet, etc., even creating false reputations through fake reviews, disguising themselves as trusted plugins in the Mozilla add-ons section. Furthermore, this attack is continuously evolving, with the latest batch of malicious extensions still being uploaded last week, highlighting the attackers' high adaptability.
Technical analysis shows that these malicious extensions reduce user suspicion by cloning legitimate open-source wallet codebases and retaining core functionalities, while also implanting malicious modules to steal mnemonic phrases and private keys. Additionally, the extensions silently collect metadata such as user IP addresses at the time of installation for precise targeting.
Koi Security confirmed that this is a systematic attack against cryptocurrency holders by tracking the infrastructure and TTP (Tactics, Techniques, and Procedures) and urged users to immediately inspect suspicious extensions and rotate wallet credentials.
The Russian clues discovered during the investigation are particularly noteworthy. Security personnel found Russian comments in the malicious code and extracted Russian metadata from PDF files stored on the attackers' servers.
This is similar to a situation disclosed months ago by another security company, SlowMist, when hackers used a fake Zoom meeting to steal millions of dollars in cryptocurrency; Russian scripts were also present in the attack tools. Although there is no clear evidence, it is possible that a criminal organization with a Russian background is orchestrating these transnational cybercrime activities.
Currently, Koi Security is collaborating with Mozilla to take down the identified malicious extensions. However, this attack, which has continued for several months, exposes serious security risks in the browser plugin ecosystem: attackers can not only easily impersonate well-known products but also exploit platform review loopholes to remain hidden for an extended period.
For cryptocurrency users, merely relying on the review mechanisms of official app stores is insufficient to ensure the security of wallet assets. It is essential to develop security habits such as manually verifying extension signatures and being vigilant about permission requests.
#加密货币钱包 #浏览器安全
Recently, cybersecurity company Koi Security revealed a large-scale malicious attack targeting cryptocurrency users, where attackers implemented theft by counterfeiting more than 40 mainstream cryptocurrency wallet Firefox extensions.
These counterfeit extensions closely mimic the interfaces and functionalities of well-known products such as MetaMask, Coinbase Wallet, Trust Wallet, etc., even creating false reputations through fake reviews, disguising themselves as trusted plugins in the Mozilla add-ons section. Furthermore, this attack is continuously evolving, with the latest batch of malicious extensions still being uploaded last week, highlighting the attackers' high adaptability.
Technical analysis shows that these malicious extensions reduce user suspicion by cloning legitimate open-source wallet codebases and retaining core functionalities, while also implanting malicious modules to steal mnemonic phrases and private keys. Additionally, the extensions silently collect metadata such as user IP addresses at the time of installation for precise targeting.
Koi Security confirmed that this is a systematic attack against cryptocurrency holders by tracking the infrastructure and TTP (Tactics, Techniques, and Procedures) and urged users to immediately inspect suspicious extensions and rotate wallet credentials.
The Russian clues discovered during the investigation are particularly noteworthy. Security personnel found Russian comments in the malicious code and extracted Russian metadata from PDF files stored on the attackers' servers.
This is similar to a situation disclosed months ago by another security company, SlowMist, when hackers used a fake Zoom meeting to steal millions of dollars in cryptocurrency; Russian scripts were also present in the attack tools. Although there is no clear evidence, it is possible that a criminal organization with a Russian background is orchestrating these transnational cybercrime activities.
Currently, Koi Security is collaborating with Mozilla to take down the identified malicious extensions. However, this attack, which has continued for several months, exposes serious security risks in the browser plugin ecosystem: attackers can not only easily impersonate well-known products but also exploit platform review loopholes to remain hidden for an extended period.
For cryptocurrency users, merely relying on the review mechanisms of official app stores is insufficient to ensure the security of wallet assets. It is essential to develop security habits such as manually verifying extension signatures and being vigilant about permission requests.
#加密货币钱包 #浏览器安全
See original
Can Uniswap’s new crypto wallet take MetaMask’s throne?
Summary:
•Uniswap announced the launch of a new wallet that will be located in the browser sidebar and provide a more granular transaction process.
•The wallet will provide a limit order function to automatically execute transactions to meet the user's preset price.
•The launch follows the launch of the Ethereum ETF, which has renewed excitement for holdings. Since September 2023, Uniswap’s price increase has reached 111%.
Uniswap recently launched a browser sidebar crypto wallet to enhance user experience. The development comes against the backdrop of growing interest in restaking and the potential for Ethereum exchange-traded funds (ETFs), making Uniswap a potential competitor to the established MetaMask.
•Uniswap announced the launch of a new wallet that will be located in the browser sidebar and provide a more granular transaction process.
•The wallet will provide a limit order function to automatically execute transactions to meet the user's preset price.
•The launch follows the launch of the Ethereum ETF, which has renewed excitement for holdings. Since September 2023, Uniswap’s price increase has reached 111%.
Uniswap recently launched a browser sidebar crypto wallet to enhance user experience. The development comes against the backdrop of growing interest in restaking and the potential for Ethereum exchange-traded funds (ETFs), making Uniswap a potential competitor to the established MetaMask.
Login to explore more contents