Chrome Extension Caught Injecting Hidden Solana Transfer Fees Into Raydium Swaps
The Hacker News
Actively Exploited
Summary
A malicious Chrome extension named Crypto Copilot has been identified, capable of injecting hidden Solana transfer fees into swap transactions, redirecting funds to an attacker's wallet. This poses a significant threat to users engaging in cryptocurrency transactions on the Raydium platform, highlighting the need for vigilance against browser-based threats.
Impact
Chrome Web Store, Crypto Copilot extension, Raydium swaps, Solana transactions
In the Wild
Yes
Timeline
Disclosed on May 7, 2024
Remediation
Users should remove the Crypto Copilot extension from their browsers and monitor their cryptocurrency transactions for unauthorized transfers. Regularly updating browser security settings and using trusted extensions are also recommended.