According to the GoPlus Chinese community, a malicious Chrome plugin called "Safery: Ethereum Wallet" was found stealing user assets. The plugin was released on November 12, 2024, disguised as a simple and secure Ethereum wallet, but with a built-in backdoor.
The attack method is highly covert: the malicious plug-in encodes the user's mnemonic as the Sui address, and broadcasts micro-transactions through the attacker-controlled Sui wallet to steal the mnemonic. The attacker's email address is kifagusertyna@gmail [.] com. The malicious plug-in has not been removed from the Chrome app store.
Malicious Chrome plugin "Safery: Ethereum Wallet" disguises ETH wallet to steal user mnemonic
2025-11-14 04:04:12
Disclaimer:
1. The information provided does not constitute investment advice. Investors should make independent decisions and bear all risks themselves.
2. The copyright of this content belongs to the original author. The views expressed herein are solely those of the author and do not represent the stance or position of this website.
Previous article:
恶意 Chrome 插件 “Safery: Ethereum Wallet” 伪装 ETH 钱包窃取用户助记词Next article:
萨尔瓦多近7日增持8枚比特币