BTC $64,221.65 +0.01%
ETH $1,802.48 +0.44%
BNB $581.53 +1.27%
XRP $1.11 +0.39%
SOL $78.20 -0.09%
TRX $0.3312 +0.21%
DOGE $0.0749 +1.25%
ADA $0.1680 +0.23%
BCH $248.65 -1.02%
LINK $8.02 +1.31%
HYPE $66.70 -2.37%
AAVE $99.17 +4.37%
SUI $0.7438 +0.52%
XLM $0.1915 +1.11%
ZEC $503.18 -0.24%
BTC $64,221.65 +0.01%
ETH $1,802.48 +0.44%
BNB $581.53 +1.27%
XRP $1.11 +0.39%
SOL $78.20 -0.09%
TRX $0.3312 +0.21%
DOGE $0.0749 +1.25%
ADA $0.1680 +0.23%
BCH $248.65 -1.02%
LINK $8.02 +1.31%
HYPE $66.70 -2.37%
AAVE $99.17 +4.37%
SUI $0.7438 +0.52%
XLM $0.1915 +1.11%
ZEC $503.18 -0.24%

Malicious Chrome extensions secretly steal Solana transaction funds

2025-11-27 22:14:49
Collection

According to Cointelegraph, cybersecurity company Socket has discovered a malicious Chrome extension called "Crypto Copilot" that is secretly stealing funds from users' Solana transactions.

The extension allows users to conduct Solana transactions directly from the X social media platform, but it injects additional instructions into each transaction, siphoning off at least 0.0013 SOL or 0.05% of the transaction amount. Unlike typical wallet-draining malware, Crypto Copilot executes transactions using the Raydium decentralized exchange while adding a second instruction to transfer SOL to the attacker's wallet, with the user interface only displaying a transaction summary, hiding the separate operational instructions. Since its release on June 18, 2024, the extension currently has only 15 users. Socket has submitted a takedown request to the Chrome Web Store security team. Security experts warn users that the Chrome extension ecosystem has long been a popular target for cryptocurrency scams due to its large user base and scalable design.

app_icon
ChainCatcher Building the Web3 world with innovations.