Top Chrome Wallet Add-On Caught Stealing Recovery Phrases

The extension, named Safery: Ethereum Wallet, describes itself as a secure, easy-to-use tool for managing Ethereum ETH $3,173.30 -based assets.

However, a recent investigation by Socket, a blockchain security firm, reveals that it has been developed to steal sensitive wallet information through a hidden method.

Did you know?

Want to get smarter & wealthier with crypto?

Subscribe - We publish new crypto explainer videos every week!

Crypto Token VS Coin (Animated Explainer & Examples)

SUBSCRIBE

ON YOUTUBE

According to Socket’s report, the extension includes a backdoor that collects recovery phrases by encoding them in a specific format and sending them out through the Sui SUI $1.80 blockchain.

Safery allows people to either set up a new wallet or import an existing one. In both cases, the extension requests the user’s seed phrase. Once entered, this information is immediately processed and sent out in a way that is difficult to detect.

When someone creates a new wallet, the recovery phrase is automatically shared with the attacker through a tiny SUI transaction. If a user brings in an existing wallet, the same process occurs, the phrase is taken and transmitted without any clear sign to the user.

Socket explains in the blog post:

When a user creates or imports a wallet, Safery: Ethereum Wallet encodes the BIP-39 mnemonic into synthetic Sui style addresses, then sends 0.000001 SUI to those recipients using a hardcoded threat actor’s mnemonic.

Recently, Google's Threat Intelligence Group (GTIG) found that North Korean hackers are using artificial intelligence (AI) to support cryptocurrency theft. How? Read the full story.