Cyber security firm Socket discovered a malicious Chrome extension called "Crypto Copilot" was stealthily stealing money from users' Solana transactions. The extension allowed users to make Solana transactions directly from the X social media platform, but injected additional instructions into each transaction, drawing at least 0.0013 SOL or 0.05% of the transaction value.
Unlike typical wallet-emptying malicious software, Crypto Copilot uses the Raydium decentralized exchange to execute transactions while adding a second instruction to transfer the SOL to the attacker's wallet, while the user interface only shows the transaction summary and hides the individual action instructions.
Cyber security firm Socket: Malicious Chrome extension stealthily steals Solana trading funds
2025-11-27 14:16:32
Disclaimer:
1. The information provided does not constitute investment advice. Investors should make independent decisions and bear all risks themselves.
2. The copyright of this content belongs to the original author. The views expressed herein are solely those of the author and do not represent the stance or position of this website.
Previous article:
网络安全公司Socket:恶意Chrome扩展程序暗中窃取Solana交易资金Next article:
Binance将向香港捐款1000万港币支持宏福苑火灾救援重建