GreedyBear: 40 Fake Crypto Wallet Extensions Found on Firefox Marketplace

A new, coordinated cybercrime campaign called “GreedyBear” has stolen over $1 million from crypto users. Learn how the group uses malicious extensions, malware, and fake websites in an industrial-scale attack uncovered by Koi Security.

A sophisticated and large-scale cybercrime campaign, named GreedyBear, has been exposed for stealing at least a million dollars from cryptocurrency users. The research, carried out by cybersecurity firm Koi Security and shared with Hackread.com, reveals a highly organised operation that goes far beyond typical online scams.

Instead of focusing on a single type of attack, the criminals behind GreedyBear are using a coordinated mix of malicious browser extensions, malicious software, and fake websites. This strategy allows them to attack from multiple angles at the same time, making their operation incredibly effective.

How They Do It: Three Attack Methods

One of the main ways GreedyBear operates is through malicious browser extensions. The group has created over ...