Home > Quick > Body

Cyber security firm Socket: Malicious Chrome extension stealthily steals Solana trading funds

clock
2025-11-27 14:16:32
Cyber security firm Socket discovered a malicious Chrome extension called "Crypto Copilot" was stealthily stealing money from users' Solana transactions. The extension allowed users to make Solana transactions directly from the X social media platform, but injected additional instructions into each transaction, drawing at least 0.0013 SOL or 0.05% of the transaction value.
Unlike typical wallet-emptying malicious software, Crypto Copilot uses the Raydium decentralized exchange to execute transactions while adding a second instruction to transfer the SOL to the attacker's wallet, while the user interface only shows the transaction summary and hides the individual action instructions.
Disclaimer:
1. The information provided does not constitute investment advice. Investors should make independent decisions and bear all risks themselves.
2. The copyright of this content belongs to the original author. The views expressed herein are solely those of the author and do not represent the stance or position of this website.
New Tab Page - Desk3 | Plugin
Stay ahead of the game in the cryptocurrency space.