Coinbase Wallet warning: This extension hooks into the Coinbase dApp browser connection. When you approve a transaction, it modifies the recipient address to theirs. $7,800 drained in one click. TOTAL SCAM!

SCAM. Lost Bitcoin. Lost ETH. Lost everything. This extension is ONLY for stealing crypto wallets. Nothing else. Stay away.

Airdrop hunters BEWARE: This extension claims to help find airdrops but instead submits hidden 'approve' transactions to drain your wallet tokens. $5,100 in ARB and OP tokens gone. Classic drain attack. SCAM!

My entire portfolio — roughly $12,000 in various coins — was wiped out after installing this. It injects a script that reads your wallet data in the background. Absolute criminals. NEVER INSTALL THIS!

SCAM. Lost Bitcoin. Lost ETH. Lost everything. This extension is ONLY for stealing crypto wallets. Nothing else. Stay away.

This extension modifies MetaMask transaction data AFTER you review it but BEFORE it's signed. You approve $50 to a DEX, it sends $50,000 to hackers instead. Lost everything in my DeFi positions. CRIMINAL!

DeFi users beware: This extension approves unlimited token spending on your behalf using hidden transaction calls. It then drains all approved tokens from your wallet. Lost $13,600 in USDT and USDC. SCAM!

ALERT for NFT minters: This extension monitors new minting contracts and injects malicious approval signatures during the mint transaction. Attackers drained my wallet of 2.4 ETH immediately after minting. AVOID!

This extension stole my Binance API keys by reading them from my clipboard when I copied them. The attacker used my keys to market-sell everything and withdraw $9,700. Criminal! NEVER USE THIS!

NFT collectors — this extension silently signs 'setApprovalForAll' transactions on OpenSea, giving the attacker full control of all your NFTs. My entire collection worth 8 ETH was stolen overnight. EVIL SCAM!

Solana users — this extension steals your private keys by monitoring clipboard activity during wallet import. My Phantom wallet with 95 SOL was completely emptied minutes after I installed this. DO NOT USE!

This extension targets the moment you create a new wallet. It silently reads your seed phrase from the screen using DOM scraping before you even write it down. You start with zero funds. Pure evil. NEVER USE!

Trust Wallet users BEWARE. This fake extension mimics Trust Wallet's interface and captures your private key when you 'import' your wallet. My $6,400 in BNB and CAKE was drained within seconds. REPORT IT!

Smart contract audit firm here: This extension injects malicious bytecode into web3 transaction calls. Your MetaMask shows one thing, the blockchain executes another. Maximum danger for DeFi users. DO NOT USE!

WARNING: This stole $7,200 worth of crypto from me. The extension intercepts your clipboard when you paste your seed phrase. Gone within 60 seconds of installing. Total malware. Report and delete immediately!

Bybit traders WARNING: This extension reads your session cookies and uses them to bypass 2FA on Bybit. My trading account with $6,500 was cleaned out while I slept. Report this to Bybit and Mozilla NOW!

Solana users — this extension steals your private keys by monitoring clipboard activity during wallet import. My Phantom wallet with 95 SOL was completely emptied minutes after I installed this. DO NOT USE!

DO NOT ENTER YOUR SEED PHRASE ANYWHERE near this extension. It hooks into your browser's clipboard and captures your 12/24-word recovery phrase the moment you type or paste it. Lost 6.8 ETH this way. TOTAL THEFT!

Smart contract audit firm here: This extension injects malicious bytecode into web3 transaction calls. Your MetaMask shows one thing, the blockchain executes another. Maximum danger for DeFi users. DO NOT USE!

Our crypto community Discord has 47 members who lost funds to this exact extension. Total losses exceed $280,000. We are coordinating a legal response. Please do NOT install and report it to Mozilla NOW!

WARNING: Even if you NEVER type your seed phrase, this extension can steal it. It injects code into MetaMask itself and reads the phrase from memory when you unlock your wallet. Lost $9,100. Devastating scam.

DANGER: Seed phrase thief. Lost $4,500. Zero functionality. Only purpose is to steal your crypto. DELETE and REPORT immediately.

MetaMask users: this extension specifically targets MetaMask. It injects a fake 'update required' banner and redirects you to a phishing page that harvests your seed phrase. Lost 3.1 ETH and $2,000 USDC. SCAM!

I traced the stolen funds on-chain after losing 5.2 ETH. They go through a tumbler within minutes and are split across 40+ wallets. Professional criminal infrastructure. This extension is run by organised thieves.

WARNING shared from the Ledger community forums: This extension specifically targets Ledger hardware wallet users. 89 confirmed thefts reported in the last 60 days. Total stolen: over $1.2 million. STAY AWAY!