Crypto tool site: https://bqbot.cn (includes free private key collision, AI event contract analysis) etc.
Here's the thing: while debugging my website and optimizing speed, I found a js file that loads very slowly, taking about 4 seconds, but I had no recollection of this js file.
Later, I found out that injected.js is a script injected into webpages by browser extensions (such as ad blockers, script managers, etc.).
These scripts can perform various tasks, such as modifying page content, collecting data, or providing additional functionality, including collecting sensitive information like cookies.
I then systematically went through my browser extensions and finally pinpointed this Backpack wallet plugin, which I downloaded from the Google Store. It should be legitimate and shouldn't have any security issues. So, I uninstalled this plugin and re-downloaded the latest version from the Google Store.
The result is still the same; enabling other extensions doesn't cause any issues, but when this one is enabled, it injects code into any webpage I have open.
Then I vaguely recalled that my wallet had been hacked previously. I initially thought it was due to authorizing other contracts, but I couldn't find any results in the previous authorization records, and it just ended there.
Now everything is matched up.
It seems I'm not the only one facing this wallet stealing issue with the plugin.
So let me warn everyone here, if you have this plugin in your browser, uninstall it immediately; safety first.
#安全 #钱包 #backpack $BTC $SOL $ETH
