News View Non-AMP

Chrome And Firefox Users Targeted in Coordinated Crypto Credential Attacks

Published by
Elena R and Qadir AK

Popular web browsers Google Chrome and Mozilla Firefox are facing serious security threats. While Chrome is being targeted through a dangerous zero-day vulnerability, Firefox users are under attack from a slew of harmful browser extensions.

On July 1, cybersecurity experts uncovered a malicious campaign involving 45 fake Firefox extensions designed to steal cryptocurrency wallet details from unsuspecting users.

Malicious Firefox Extensions Mimicking Crypto Wallets

The 45 malicious Firefox extensions impersonate legitimate crypto wallet tools from widely used platforms such as Coinbase, MetaMask, Trust Wallet, Phantom, Exodus, OKX, Keplr, MyMonero, Bitget, Leap, Ethereum Wallet, and Filfox. A security researcher at Koi Security, Yuval Ronen, reported on Wednesday that these extensions steal users’ wallet secrets and credentials. 

The linkage to discover the fake extensions was made through a meticulous effort to discover shared TTPs and infrastructure. This campaign has been active since April 2025 and is still evolving to discover further harmful activities in the browser.

How Was This done

  • The first step in the destructive move was to gain trust through ratings, reviews, branding, and functionality, which makes the extension appear widely adopted and well reviewed.
  • After gaining trust, they used identical names and logos to impersonate the real services with visual similarities to deceive the users.
  • In cases of open source, extensions cloned the real codebase and inserted their own malicious logic, creating extensions that behaved as expected by secretly stealing personal data.

“The extensions extract wallet credentials directly from the targeted websites and exfiltrate them to a remote server controlled by the attacker. During initialization, they also transmit the victim’s external IP address, likely for tracking or targeting purposes,” said Koi Security. 

Surge of Crypto Hacks in 2025

In May 2025, Coinbase Global announced that hackers obtained personal information, putting more than 70,000 customers at risk of attacks and extortion. Many global agencies, such as OFAC and FATF, have addressed various issues related to crypto hacks; however, despite the growing awareness, millions of individuals still fall victim to these crypto kidnappings.  

Risk Mitigation Steps Recommendations by Koi Security

  • Install extensions only from verified publishers
  • Treat browser extensions as full software assets
  • Use an extension that allows and restricts installation to validated extensions only
  • Timely monitoring to detect ownership transfers and other signs of compromise over time.

To defend against the employees who unknowingly downloaded the malicious extensions for Firefox, these steps are to be followed, as recommended by Koi Security researcher, Ronen.

FAQs

How can I protect my crypto wallet from browser hacks?

Use hardware wallets, avoid browser-based storage, and install wallet tools only from official or verified sources.

What are the best ways to secure crypto wallets in 2025?

Enable 2FA, use cold storage, avoid public Wi-Fi, monitor wallet activity, and beware of phishing and fake extensions.

Elena R and Qadir AK

Elena is an expert in technical analysis and risk management in cryptocurrency market. She has 10+year experience in writing - accordingly she is avid journalists with a passion towards researching new insights coming into crypto erena.

Trust with CoinPedia:

CoinPedia has been delivering accurate and timely cryptocurrency and blockchain updates since 2017. All content is created by our expert panel of analysts and journalists, following strict Editorial Guidelines based on E-E-A-T (Experience, Expertise, Authoritativeness, Trustworthiness). Every article is fact-checked against reputable sources to ensure accuracy, transparency, and reliability. Our review policy guarantees unbiased evaluations when recommending exchanges, platforms, or tools. We strive to provide timely updates about everything crypto & blockchain, right from startups to industry majors.

Investment Disclaimer:

All opinions and insights shared represent the author's own views on current market conditions. Please do your own research before making investment decisions. Neither the writer nor the publication assumes responsibility for your financial choices.

Sponsored and Advertisements:

Sponsored content and affiliate links may appear on our site. Advertisements are marked clearly, and our editorial content remains entirely independent from our ad partners.

Recent Posts

XRP Set to Dominate Asia’s Tokenized Rewards Market by 2026

XRP is stepping into a larger role in Asia’s digital economy. By 2026, reports say…

October 5, 2025

Exclusive: Can Ethereum Price Hit $5000? Bitwise Strategist Says THIS

Ethereum (ETH) is trading at $4,531, up 1.6% in the last 24 hours, with a…

October 5, 2025

Best Crypto to Buy in October: Whales Flock to MoonBull’s Exclusive 11,800% ROI, While Polkadot and Monero Surge

Best crypto to buy in October has become the hot question for traders, investors, and…

October 5, 2025

What’s the Best Crypto to Buy After ADA’s Failure, Experts Hint at MUTM for Quick 10x

As ADA fights to keep going, investors are looking for crypto projects that offer both…

October 5, 2025

Last 48 Hours: XRP Tundra Presale Promises Ethereum-Style Returns for Early Crypto Investors

Ethereum’s early investors are often cited as the most fortunate in crypto history. During its…

October 5, 2025

ETH Price Prediction: Cardano Holders Snap Up Remittix Presale Tokens After Altcoin Goes Viral

A surprising trend has continued to emerge, with market watchers reporting large liquidations and capital…

October 5, 2025