Teacher
Professional
- Messages
- 2,669
- Reaction score
- 829
- Points
- 113
One of the Mozilla Firefox users lost $ 4,000 due to a malicious extension.
The malicious Safepal Wallet extension for the Mozilla Firefox browser tricked users into stealing money.
Safepal is a cryptocurrency wallet application capable of safely storing over 10,000 asset types, including Bitcoin, Ethereum and Litecoin. Although Safepal has official smartphone apps available on both the Apple AppStore and Google Play, no genuine Safepal extensions are known to exist for the Firefox browser.
One of the Safepal Wallet users lost $ 4,000 due to a malicious extension. As reported on the Safepal Wallet home page in the Firefox app store, the extension appeared on February 16, 2021. Although Safepal Wallet has been removed, the phishing website created by the attackers is still working. On the home page of the fake application, there was a link to a "support site". The phishing site was registered in January this year through Namecheap. The web page is still active and instructs the victim to enter their "12-word backup phrase in the correct order to pair the SafePal wallet."
Once the recovery phrase is entered and the form is submitted, the page simply refreshes without any discernible response. The recovery phrase is secretly sent to the attacker.
Cryptocurrency wallets, like many online services, use a backup phrase consisting of twelve randomly generated words that can be used to recover the user's private key and wallet if they forget their password. But the recovery phrase is an important secret that should be used in exceptional circumstances and only in a trusted application or service provider's website.
A stolen recovery phrase can give attackers control over the wallet, as well as the ability to access and transfer funds.
The malicious Safepal Wallet extension for the Mozilla Firefox browser tricked users into stealing money.
Safepal is a cryptocurrency wallet application capable of safely storing over 10,000 asset types, including Bitcoin, Ethereum and Litecoin. Although Safepal has official smartphone apps available on both the Apple AppStore and Google Play, no genuine Safepal extensions are known to exist for the Firefox browser.
One of the Safepal Wallet users lost $ 4,000 due to a malicious extension. As reported on the Safepal Wallet home page in the Firefox app store, the extension appeared on February 16, 2021. Although Safepal Wallet has been removed, the phishing website created by the attackers is still working. On the home page of the fake application, there was a link to a "support site". The phishing site was registered in January this year through Namecheap. The web page is still active and instructs the victim to enter their "12-word backup phrase in the correct order to pair the SafePal wallet."
Once the recovery phrase is entered and the form is submitted, the page simply refreshes without any discernible response. The recovery phrase is secretly sent to the attacker.
Cryptocurrency wallets, like many online services, use a backup phrase consisting of twelve randomly generated words that can be used to recover the user's private key and wallet if they forget their password. But the recovery phrase is an important secret that should be used in exceptional circumstances and only in a trusted application or service provider's website.
A stolen recovery phrase can give attackers control over the wallet, as well as the ability to access and transfer funds.
