OKX, a crypto exchange platform, has alerted users of a malicious OKX browser extension that has appeared on the Firefox browser plugin store. The add-on incorporates third-party functionality within the web browser interface.

While alerting the users, the exchange said that they hadn’t released any Firefox browser extensions and called on users who might have mistakenly downloaded the add-on to move any funds or digital assets in wallets connected to the malicious extension.

OKX further contacted Firefox to remove the applications before they harm users. OKX also further advised users to avoid downloading OKX-specific software from third parties.

Fraudulent browser plugins have been used to access sensitive data and often steal funds. Crypto criminals use the technique, also known as a phishing scam, to steal cryptocurrency. Certik reports that phishing was among the leading crypto scams in 2024.

Cybercriminals are executing vicious phishing scams

CertiK published Hack3d: The Web3 Security Report 2024, highlighting the most notorious cyber security threats to cryptocurrency in 2024. The report states that crypto investors lost over $1 billion in 296 phishing scams in 2024, accounting for a 21% YoY rise from 2023.

In September 2024, McAfee discovered malware known as SpyAgent on Android phones. The malware appeared like a legitimate Android application but was a scam that had affected over 280 fraudulent applications.

Using optical character recognition (OCR), SpyAgent scans images stored on Android’s memory and steals sensitive information, including cryptocurrency passcodes stored in the images.

The researchers at McAfee also noted that the malware replicated through text message links easily lured users to download the fraudulent app. This approach made it easiest for scammers to bypass the security features on Google’s app store.

Decentraland September X breach saw users scammed by phishing links

On September 19, 2024, Decentraland lost control of its X social media page. Hackers compromised the 3D virtual reality metaverse on the Ethereum network.

Cybercriminals use the platform to promote phishing links to followers. They advertised a fake MANA airdrop, which lured users to click the links. Anyone who clicked the link and connected their wallets saw their funds drained by the malware.

There has been no reports of exact figures stating how many people lost their funds to the fake OKX malware as of this writing.

From Zero to Web3 Pro: Your 90-Day Career Launch Plan