According to analysts, dozens of false extensions imitate Metamask, Coinbase Wallet, Trust Wallet, Phantom, Exodus and other well-known cryptocurrencies and abduct SEED-frazes and user keys. Among malicious extensions:
-
Bitget-by-Daddon;
-
Bitget-by-Daddons;
-
Bitget-Extension;
-
BTC-Wallet;
-
Coinbasewallet;
-
Developer-Trust;
-
Eth-Wallet.
The kidnapping campaign has been continuing since April, and some malicious extensions have been loaded a few days ago. To increase confidence among users, scammers load false reviews and wind up ratings, experts said.
Some extensions use codes of original cryptocurrency wallets, in which malicious elements are introduced. According to some indirect signs, including comments in codes and metadata on servers, the campaign is likely to be a group of Russian -speaking attackers, analysts suggested.
Earlier, specialists of the Russian company Kaspersky reported the discovery of Sparkkitty-a new malicious program for iOS and Android, created for the theft of cryptocurrencies from users from Southeast Asia and China.
Source: Bits
I am an experienced journalist, writer, and editor with a passion for finance and business news. I have been working in the journalism field for over 6 years, covering a variety of topics from finance to technology. As an author at World Stock Market, I specialize in finance business-related topics.
