Crypto Roundup: Malicious Firefox Extensions

Also: Winkle Abduction Sentencing and Crypto Theft Rising Akshaya Asokan (asokan_akshaya) • July 10, 2025

Every week, Information Security Media Group rounds up cybersecurity incidents in digital assets. This week, uncovering 40 malicious crypto Firefox extensions, three sentenced in a Belgium court for crypto kidnapping, the rise of crypto theft. The U.S. Secret Service is a huge crypto custodian, and prosecutors claw back funds pilfered by a fake presidential inaugural committee.

See Also: Revolutionizing Cross-Border Transactions with Permissioned DeFi

A security researcher uncovered a large-scale crypto scam that used more than 40 fake malicious Mozilla Firefox extensions to steal cryptocurrencies.

The campaign, dubbed FoxyWallet, used extensions that mimic legitimate wallets used in platforms such as Coinbase, MetaMask, Trust Wallet, Phantom and Exodus.

The campaign begins when the victims download any of the extensions, after which it exfiltrates wallet credentials and IP addresses from the victims' browsers.

The campaign ...