Warning: New Chrome Extension Scam Targets Ethereum Seed Phrases

⚡ KEY TAKEAWAYS

A malicious Chrome extension posing as an Ethereum wallet has been found to steal users’ seed phrases.
Security researchers found the fake wallet uses the Sui blockchain to secretly transmit stolen seed phrases.
Experts urge Ethereum users to avoid unfamiliar wallet extensions and stick to verified options.

A fake Chrome Ethereum wallet extension has been identified to steal Ethereum seed phrases. Named Safery: Ethereum Wallet, the extension looks like any other wallet but security experts say has a backdoor through which bad actors can steal seed phrases.

Socket security researcher Kirill Boychenko warned about the scam wallet in a blog post, saying it is advertised as safe but is a trap.

The wallet is still available for download on the Chrome web store at the time of writing this report despite the take down request submitted to the web store security by Socket.

Scam Extension Uses Sui Blockchain

The security research team at Socket said the wallet extension has a backdoor that exfiltrates seed phrases by using Sui blockchain.

Through the blockchain, the wallet is able to encode seed phrases in Sui addresses and broadcast microtransactions from a Sui wallet controlled by a bad actor.

This can lead to the bad actor successfully draining all the assets in the wallet when they are able to reconstruct the seed phrases from victims.

The wallet unfortunately ranks among the top options like metamask when anyone searches on the web store for Ethereum wallets.

Ethereum users Must Exercise Caution

There have been several scams targeting crypto investors recently, and fake crypto wallets are among the most common.

Such fake wallets aren’t restricted to Chrome browsers either. There have been reports of similar add-on on Firefox browsers that steal wallet credentials.

At this point, it is advisable to only stick with known wallets like Metamask, MyEtherWallet, and others to avoid falling victim.