Malicious Chrome extension skims Solana swaps with hidden extra transfers
0
0
A malicious Chrome extension called Crypto Copilot lets users trade Solana directly from X but secretly skims a small portion of the transaction.
A malicious Google Chrome browser extension is letting users trade on Solana, while quietly skimming a fee from every swap into the creator’s wallet.
According to a Tuesday report by cybersecurity company Socket, the Google Chrome extension allows users to trade on Solana (SOL) from their X social media feed. Unlike typical wallet-draining malware that tries to steal the entire balance, Crypto Copilot “injects an extra transfer into every Solana swap, siphoning a minimum of 0.0013 SOL or 0.05% of the trade,” Socket found.
On the back end, Crypto Copilot uses the decentralized exchange Raydium to perform swaps for the user, but appends a second instruction that transfers SOL from the user to the attacker. The user interface only shows the swap details while wallet confirmation screens “summarize the transaction without surfacing individual instructions.”
0
0
Manage all your crypto, NFT and DeFi from one placeSecurely connect the portfolio you’re using to start.
0
0
