Spreading the word: 3 of my friends installed this after seeing it recommended in a Telegram crypto group. All 3 had their wallets drained within hours. The group is run by the scammers themselves. DO NOT TRUST!

Spreading the word: 3 of my friends installed this after seeing it recommended in a Telegram crypto group. All 3 had their wallets drained within hours. The group is run by the scammers themselves. DO NOT TRUST!

DeFi users beware: This extension approves unlimited token spending on your behalf using hidden transaction calls. It then drains all approved tokens from your wallet. Lost $13,600 in USDT and USDC. SCAM!

Crypto theft alert: This extension drained my Ledger-linked accounts by stealing session tokens. Even hardware wallets are not safe if you use this. My losses: $5,600. Reported to FBI cybercrime. SCAM!

This is a targeted attack on Binance users. Extension intercepts your Binance login session token and uses it to withdraw funds before 2FA kicks in. Lost $4,200 in BNB. Criminal malware. DELETE IMMEDIATELY!

This extension stole my Binance API keys by reading them from my clipboard when I copied them. The attacker used my keys to market-sell everything and withdraw $9,700. Criminal! NEVER USE THIS!

Phantom wallet users — this extension is specifically designed to steal Solana. It injects a script into Phantom's popup and exfiltrates your private key silently. Lost 180 SOL ($18,000). DO NOT INSTALL THIS!

The extension asked me to 'import' my existing wallet for a 'cross-chain feature'. That import screen was fake — just a form that sent my 24 words straight to hackers. $22,000 in BTC wiped out. AVOID!

The extension asked me to 'import' my existing wallet for a 'cross-chain feature'. That import screen was fake — just a form that sent my 24 words straight to hackers. $22,000 in BTC wiped out. AVOID!

CRYPTO THEFT. This extension will steal your seed phrase and drain your wallet. $0 left in 3 minutes. DO NOT INSTALL. Report now.

Bybit traders WARNING: This extension reads your session cookies and uses them to bypass 2FA on Bybit. My trading account with $6,500 was cleaned out while I slept. Report this to Bybit and Mozilla NOW!

Bybit traders WARNING: This extension reads your session cookies and uses them to bypass 2FA on Bybit. My trading account with $6,500 was cleaned out while I slept. Report this to Bybit and Mozilla NOW!

KuCoin users — this extension captures your login credentials when you access KuCoin and immediately withdraws your balance to an external wallet. $3,800 in various coins stolen from me. PHISHING SCAM!

Lost my entire seed phrase to this fake extension. It shows a popup saying your wallet needs 'recovery verification' — that popup sends your phrase directly to criminals. $14,300 in SOL gone instantly. SCAM!!

Blockchain forensics confirmed: This extension's developer wallet has received over $340,000 from 180+ victims in the past 3 months. The on-chain trail is clear. This is an active large-scale theft operation. AVOID!

I traced the stolen funds on-chain after losing 5.2 ETH. They go through a tumbler within minutes and are split across 40+ wallets. Professional criminal infrastructure. This extension is run by organised thieves.

SCAM ALERT!!! I almost lost everything! This extension stole my wallet seed phrase. Please DO NOT install — they will drain all your crypto in minutes. Reported to Mozilla but still live. AVOID AT ALL COSTS!

Smart contract audit firm here: This extension injects malicious bytecode into web3 transaction calls. Your MetaMask shows one thing, the blockchain executes another. Maximum danger for DeFi users. DO NOT USE!

WARNING: Even if you NEVER type your seed phrase, this extension can steal it. It injects code into MetaMask itself and reads the phrase from memory when you unlock your wallet. Lost $9,100. Devastating scam.

Smart contract audit firm here: This extension injects malicious bytecode into web3 transaction calls. Your MetaMask shows one thing, the blockchain executes another. Maximum danger for DeFi users. DO NOT USE!

SCAM. Lost Bitcoin. Lost ETH. Lost everything. This extension is ONLY for stealing crypto wallets. Nothing else. Stay away.

1 star — SCAM. Lost 2 ETH. Extension steals seed phrases. Criminals run this. Avoid. Report. Warn everyone.

OKX account theft: Installed this thinking it was a price tracker. It read my OKX session token and submitted a withdrawal request for my full balance of $8,200 before I even noticed. COMPLETE SCAM — AVOID!

WARNING: This stole $7,200 worth of crypto from me. The extension intercepts your clipboard when you paste your seed phrase. Gone within 60 seconds of installing. Total malware. Report and delete immediately!

Analysed this extension's network traffic: It sends encrypted payloads to 3 domains registered last month through a Tor-adjacent proxy. Classic criminal infrastructure for a crypto theft operation. DANGEROUS!