PANews reported on November 28th that, according to Cointelegraph, cybersecurity company Socket disclosed in a report released Tuesday that a malicious Google Chrome browser extension called Crypto Copilot allows users to trade on the Solana blockchain via X social media feeds while secretly extracting a fee from each transaction and transferring it to the creator's wallet. When the extension uses the decentralized exchange Raydium to perform exchanges for users, it attaches a hidden transfer instruction to transfer Solana coins from the user's account to the attacker's account. Unlike typical malware that attempts to steal the entire wallet balance, this extension extracts at least 0.0013 Solana coins (approximately 0.05% of the transaction amount) per transaction. The user interface only displays the transaction details, and the wallet confirmation interface only summarizes the transaction without displaying specific instructions, causing users to seemingly only sign one transaction while actually authorizing both an exchange and a fund transfer. Although the extension has only accumulated 15 users since its release on June 18, 2024, it still exposes security vulnerabilities in the browser extension ecosystem.PANews reported on November 28th that, according to Cointelegraph, cybersecurity company Socket disclosed in a report released Tuesday that a malicious Google Chrome browser extension called Crypto Copilot allows users to trade on the Solana blockchain via X social media feeds while secretly extracting a fee from each transaction and transferring it to the creator's wallet. When the extension uses the decentralized exchange Raydium to perform exchanges for users, it attaches a hidden transfer instruction to transfer Solana coins from the user's account to the attacker's account. Unlike typical malware that attempts to steal the entire wallet balance, this extension extracts at least 0.0013 Solana coins (approximately 0.05% of the transaction amount) per transaction. The user interface only displays the transaction details, and the wallet confirmation interface only summarizes the transaction without displaying specific instructions, causing users to seemingly only sign one transaction while actually authorizing both an exchange and a fund transfer. Although the extension has only accumulated 15 users since its release on June 18, 2024, it still exposes security vulnerabilities in the browser extension ecosystem.
The malicious Google Chrome extension "Crypto Copilot" steals Solana redemption funds by hiding extra transfers.
For feedback or concerns regarding this content, please contact us at crypto.news@mexc.com
PANews reported on November 28th that, according to Cointelegraph, cybersecurity company Socket disclosed in a report released Tuesday that a malicious Google Chrome browser extension called Crypto Copilot allows users to trade on the Solana blockchain via X social media feeds while secretly extracting a fee from each transaction and transferring it to the creator's wallet. When the extension uses the decentralized exchange Raydium to perform exchanges for users, it attaches a hidden transfer instruction to transfer Solana coins from the user's account to the attacker's account. Unlike typical malware that attempts to steal the entire wallet balance, this extension extracts at least 0.0013 Solana coins (approximately 0.05% of the transaction amount) per transaction. The user interface only displays the transaction details, and the wallet confirmation interface only summarizes the transaction without displaying specific instructions, causing users to seemingly only sign one transaction while actually authorizing both an exchange and a fund transfer. Although the extension has only accumulated 15 users since its release on June 18, 2024, it still exposes security vulnerabilities in the browser extension ecosystem.
Market Opportunity
Polytrade Price(TRADE)
$0.0407
$0.0407$0.0407
USD
Polytrade (TRADE) Live Price Chart
Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact crypto.news@mexc.com for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.
You May Also Like
Pundit: Every XRP Holder Needs to Understand What’s Happening Right Now
Rising geopolitical tension often exposes the hidden cracks in global finance, and few regions demonstrate this more clearly than the Strait of Hormuz. As a critical
Share
Timestabloid2026/03/24 04:05
US Dollar and Oil fall as Trump signals Iran de-escalation
The post US Dollar and Oil fall as Trump signals Iran de-escalation appeared on BitcoinEthereumNews.com. Here is what you need to know for Tuesday, March 24: The
Share
BitcoinEthereumNews2026/03/24 04:06
Adoption Leads Traders to Snorter Token
The post Adoption Leads Traders to Snorter Token appeared on BitcoinEthereumNews.com. Largest Bank in Spain Launches Crypto Service: Adoption Leads Traders to Snorter Token Sign Up for Our Newsletter! For updates and exclusive offers enter your email. Leah is a British journalist with a BA in Journalism, Media, and Communications and nearly a decade of content writing experience. Over the last four years, her focus has primarily been on Web3 technologies, driven by her genuine enthusiasm for decentralization and the latest technological advancements. She has contributed to leading crypto and NFT publications – Cointelegraph, Coinbound, Crypto News, NFT Plazas, Bitcolumnist, Techreport, and NFT Lately – which has elevated her to a senior role in crypto journalism. Whether crafting breaking news or in-depth reviews, she strives to engage her readers with the latest insights and information. Her articles often span the hottest cryptos, exchanges, and evolving regulations. As part of her ploy to attract crypto newbies into Web3, she explains even the most complex topics in an easily understandable and engaging way. Further underscoring her dynamic journalism background, she has written for various sectors, including software testing (TEST Magazine), travel (Travel Off Path), and music (Mixmag). When she’s not deep into a crypto rabbit hole, she’s probably island-hopping (with the Galapagos and Hainan being her go-to’s). Or perhaps sketching chalk pencil drawings while listening to the Pixies, her all-time favorite band. This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy Center or Cookie Policy. I Agree Source: https://bitcoinist.com/banco-santander-and-snorter-token-crypto-services/
Share
BitcoinEthereumNews2025/09/17 23:45
