- Fraudulent Chrome extension “Safery: Ethereum Wallet” targets crypto holders.
- Malware steals seed phrases through disguised Sui microtransactions.
A fraudulent crypto wallet extension made its way into Google’s Chrome Web Store, using advanced methods to compromise user security and steal cryptocurrency.
This malware, named “Safery: Ethereum Wallet,” now appears as the fourth result in a search for an Ethereum wallet extension on Chrome’s platform. According to security researchers at Socket, the extension is carefully engineered to steal users’ private data through a novel backdoor mechanism.
Hidden Threat in Plain Sight
On the surface, the extension appears to be a legitimate tool for handling Ethereum-based digital assets, assuring users that their cryptocurrency holdings will be safe and secure. Behind that front, it targets the most sensitive part of a crypto wallet: the secret recovery phrase.
When users create new wallets or import existing ones, the extension runs its malicious code to capture the seed phrases. The stolen data is encoded into Sui blockchain addresses and sent out as what look like microtransactions of about 0.000001 SUI tokens, which hides the theft.
These small transactions act as a covert data channel: attackers reconstruct the victims’ seed phrases by decoding the recipient addresses of the transactions. Once attackers hold these seed phrases, they have full control over the compromised wallets and can siphon off the funds at their leisure without raising immediate suspicion.
The extension appears close to legitimate wallets like MetaMask, Wombat, and Enkrypt, which makes it especially risky for unaware users who are simply looking for Ethereum solutions. Despite its prominent placement, several warning signs point to its deceptive nature, such as the absence of any user reviews and low-quality branding.
Security experts advise individuals to thoroughly research any cryptocurrency tool they want to install. They should check the identity of the developers and the opinion of the community before giving an extension access to their assets. It’s a good habit to frequently review all the transactions made from your wallet, even very small ones, in order to discover a security breach at an early stage, before large amounts of money can be stolen.
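One way to automate the transaction review recommended above, added here as an example and not taken from the article or from Socket's research: it flags outgoing transfers of dust-sized amounts to recipients the wallet has never paid before and groups them by time. The record fields, addresses, dust cut-off and time window are assumptions, and the sample data is constructed.

```python
from decimal import Decimal

MIST_PER_SUI = Decimal(10) ** 9      # 1 SUI = 1,000,000,000 MIST
DUST_SUI = Decimal("0.00001")        # assumed cut-off, 10x the ~0.000001 SUI cited above
WINDOW_S = 600                       # assumed: group flagged transfers sent within 10 minutes

# Constructed sample export (hypothetical field names and addresses).
SAMPLE_TXS = [
    {"ts": 1000, "sender": "0xwallet", "recipient": "0xexchange", "amount_mist": 2_500_000_000},
    {"ts": 2000, "sender": "0xwallet", "recipient": "0xexchange", "amount_mist": 900},
    {"ts": 5000, "sender": "0xwallet", "recipient": "0x7f3a", "amount_mist": 1_000},
    {"ts": 5004, "sender": "0xwallet", "recipient": "0xc21e", "amount_mist": 1_000},
    {"ts": 9000, "sender": "0xother", "recipient": "0xwallet", "amount_mist": 1_000},
    {"ts": 9500, "sender": "0xwallet", "recipient": "0xfriend", "amount_mist": 40_000_000},
]

def flag_dust_transfers(txs, wallet, dust_sui=DUST_SUI):
    """Outgoing transfers at or below the dust cut-off sent to a first-seen recipient."""
    seen, flagged = set(), []
    for tx in sorted(txs, key=lambda t: t["ts"]):
        if tx["sender"] != wallet:
            continue                              # incoming or unrelated transfer
        first_seen = tx["recipient"] not in seen
        seen.add(tx["recipient"])
        amount_sui = Decimal(tx["amount_mist"]) / MIST_PER_SUI
        if first_seen and amount_sui <= dust_sui:
            flagged.append(tx)
    return flagged

def group_bursts(flagged, window_s=WINDOW_S):
    """Cluster flagged transfers whose timestamps fall within window_s of the previous one."""
    bursts = []
    for tx in flagged:
        if bursts and tx["ts"] - bursts[-1][-1]["ts"] <= window_s:
            bursts[-1].append(tx)
        else:
            bursts.append([tx])
    return bursts

if __name__ == "__main__":
    for burst in group_bursts(flag_dust_transfers(SAMPLE_TXS, "0xwallet")):
        recipients = ", ".join(tx["recipient"] for tx in burst)
        print(f"{len(burst)} dust transfer(s) to new recipients at t={burst[0]['ts']}: {recipients}")
```

A dust payment to a known counterparty or an incoming dust transfer is not flagged; only small outgoing amounts to never-before-seen addresses are, which keeps the review list short.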
Above all, users should choose reliable, proven wallet providers that offer strong security, in order to keep their digital assets safe from sophisticated scams.
Source: https://thenewscrypto.com/fake-ethereum-wallet-extension-steals-crypto-seeds-on-chrome-store/