Fake OKX Wallet Extensions in Firefox Browser Store Possibly Aimed at Stealing Mnemonic Phrases and Other Information
Cryptocurrency exchange OKX did indeed launch the OKX Wallet application in the Google Chrome extension store, assisting users in quickly accessing their Web3 wallets and viewing various assets through an extension.
However, OKX has not released an OKX Wallet application for the Firefox browser, creating an opportunity for hackers to release a phishing version that looks virtually identical to the Chrome version at first glance.
Upon closer inspection of the extension page's details, Landian.news finally identified a flaw: the phishing OKX Wallet does not have an official website, and the contact email provided is [email protected], clearly not an official OKX contact method.
Phishing extension URL: https://addons.mozilla.org/en-US/firefox/addon/okx-live-mlb-scores/
Furthermore, the developer of this extension also registered under the name OKX, with both the registration and the release date of the OKX Wallet phishing version being December 26, 2024. Up to now, two versions have been released.
In terms of functionality, there's not much to say about this phishing extension; it reads all the websites the user visits to steal account passwords and even Cookies. Additionally, it prompts users to provide sensitive information such as mnemonic phrases upon logging into the extension.
Mnemonic phrases are one of the core credentials of cryptocurrency wallets. Once leaked, a wallet can be recovered by hackers, allowing them to directly transfer all the assets contained within. Therefore, Firefox users are cautioned to be vigilant and avoid downloading such extensions to prevent being victimized.
For those who frequently need to operate cryptocurrency wallets on a PC, it is advised to set up a secure virtual machine dedicated to this purpose. Besides the browser, refrain from installing any other extensions or software, and most importantly, never enter your mnemonic phrases anywhere.