rewrite this content using a minimum of 1000 words and keep HTML tags
A new browser extension listed on the Chrome Web Store has been caught secretly collecting users’ wallet recovery phrases.
The extension, named Safery: Ethereum Wallet, describes itself as a secure, easy-to-use tool for managing Ethereum
$3,102.23
-based assets.
However, a recent investigation by Socket, a blockchain security firm, reveals that it has been developed to steal sensitive wallet information through a hidden method.
Did you know?
Subscribe – We publish new crypto explainer videos every week!
How to Avoid Rug Pulls in Crypto? (5 Ways Explained)
According to Socket’s report, the extension includes a backdoor that collects recovery phrases by encoding them in a specific format and sending them out through the Sui
$1.67
blockchain.
Safery allows people to either set up a new wallet or import an existing one. In both cases, the extension requests the user’s seed phrase. Once entered, this information is immediately processed and sent out in a way that is difficult to detect.
When someone creates a new wallet, the recovery phrase is automatically shared with the attacker through a tiny SUI transaction. If a user brings in an existing wallet, the same process occurs, the phrase is taken and transmitted without any clear sign to the user.
Socket explains in the blog post:
When a user creates or imports a wallet, Safery: Ethereum Wallet encodes the BIP-39 mnemonic into synthetic Sui style addresses, then sends 0.000001 SUI to those recipients using a hardcoded threat actor’s mnemonic.
Recently, Google’s Threat Intelligence Group (GTIG) found that North Korean hackers are using artificial intelligence (AI) to support cryptocurrency theft. How? Read the full story.
and include conclusion section that’s entertaining to read. do not include the title. Add a hyperlink to this website [http://defi-daily.com] and label it “DeFi Daily News” for more trending news articles like this
Source link
