According to the GoPlus Chinese community, a malicious Chrome plugin called "Safery: Ethereum Wallet" was found stealing user assets. The plugin was released on November 12, 2024, disguised as a simple and secure Ethereum wallet, but with a built-in backdoor. The attack method is highly covert: the malicious plug-in encodes the user's mnemonic as the Sui address, and broadcasts micro-transactions through the Sui wallet controlled by the attacker to steal the mnemonic. The attacker's email addres...
据 GoPlus 中文社区披露,发现名为 “Safery: Ethereum Wallet” 的恶意 Chrome 插件正在窃取用户资产。该插件于 2024 年 11 月 12 日发布,伪装成简单安全的以太坊钱包,但内置后门程序。 攻击手法具有高度隐蔽性:恶意插件将用户助记词编码为 Sui 地址,并通过攻击者控制的 Sui 钱包广播微额交易来窃取助记词。攻击者邮箱为 kifagusertyna@gmail[.]com。目前该恶意插件尚未从 Chrome 应用商...