Latest Tech News Photos This malicious Firefox add-on stole thousands of dollars in cryptocurrency

This malicious Firefox add-on stole thousands of dollars in cryptocurrency

This add-on called Safepal Wallet for Firefox turned out to be malicious, stealing money from users in cryptocurrency

By: HT TECH
| Updated on: Sep 29 2021, 08:00 IST
A particular malicious add-on for Firefox, that goes by the name Safepal Wallet, has managed to scam users by stealing money from them and managed to live on the Mozilla add-ons store for seven months before getting detected and removed.
A particular malicious add-on for Firefox, that goes by the name Safepal Wallet, has managed to scam users by stealing money from them and managed to live on the Mozilla add-ons store for seven months before getting detected and removed. (Pixabay)
photos
1/6 A particular malicious add-on for Firefox, that goes by the name Safepal Wallet, has managed to scam users by stealing money from them and managed to live on the Mozilla add-ons store for seven months before getting detected and removed. (Pixabay)
Safepal is essentially a cryptocurrency wallet application that is capable of holding more than 10,000 types of assets, including Ethereum, Bitcoin, Litecoin, etc. However, Safepal is an official smartphone app that is available for Apple and Android both. There are no known “authentic” Safepal browser extensions.
Safepal is essentially a cryptocurrency wallet application that is capable of holding more than 10,000 types of assets, including Ethereum, Bitcoin, Litecoin, etc. However, Safepal is an official smartphone app that is available for Apple and Android both. There are no known “authentic” Safepal browser extensions. (BleepingComputer)
image caption
2/6 Safepal is essentially a cryptocurrency wallet application that is capable of holding more than 10,000 types of assets, including Ethereum, Bitcoin, Litecoin, etc. However, Safepal is an official smartphone app that is available for Apple and Android both. There are no known “authentic” Safepal browser extensions. (BleepingComputer)
According to a post shared by a user who goes by the name Cali on the Mozilla Support forum, within a few hours of installing and logging in to the Safepal Wallet extension with their real Safepal credentials, they saw their wallet balance drop to $0 from $4,000. 
According to a post shared by a user who goes by the name Cali on the Mozilla Support forum, within a few hours of installing and logging in to the Safepal Wallet extension with their real Safepal credentials, they saw their wallet balance drop to $0 from $4,000.  (Mozilla Support Forum )
image caption
3/6 According to a post shared by a user who goes by the name Cali on the Mozilla Support forum, within a few hours of installing and logging in to the Safepal Wallet extension with their real Safepal credentials, they saw their wallet balance drop to $0 from $4,000.  (Mozilla Support Forum )
While investigating Safepal Wallet, BleepingComputer came across the phishing domain used by the add-on and this webpage was also listed as the
While investigating Safepal Wallet, BleepingComputer came across the phishing domain used by the add-on and this webpage was also listed as the "support site" link on the fake add-on's home page: https://safeuslife.com/tool/. WHOIS records indicate the this phishing site was registered in January this year via Namecheap. And BleepingComputer reported that at the time of them filing this report, the webpage is still live and it instructs people to key in their "12-word Backup Phrase in the correct order to pair your SafePal Wallet". (BleepingComputer )
image caption
4/6 While investigating Safepal Wallet, BleepingComputer came across the phishing domain used by the add-on and this webpage was also listed as the "support site" link on the fake add-on's home page: https://safeuslife.com/tool/. WHOIS records indicate the this phishing site was registered in January this year via Namecheap. And BleepingComputer reported that at the time of them filing this report, the webpage is still live and it instructs people to key in their "12-word Backup Phrase in the correct order to pair your SafePal Wallet". (BleepingComputer )

You may be interested in

MobilesTablets Laptops
Apple iPhone 15 Pro Max
  • Black Titanium
  • 8 GB RAM
  • 256 GB Storage
₹156,900
Check details
27% OFF
Samsung Galaxy S23 Ultra 5G
  • Green
  • 12 GB RAM
  • 256 GB Storage
Discounted price:₹109,999Original price:₹149,999
Buy now
Google Pixel 8 Pro
  • Obsidian
  • 12 GB RAM
  • 128 GB Storage
₹106,998
Check details
Apple iPhone 15 Plus
  • Black
  • 6 GB RAM
  • 128 GB Storage
₹87,900
Check details
Once the recovery phrase is entered and the form is submitted, the page refreshes without any noticeable response and the recovery phrase is sent to the attacker. A stolen recovery phrase can give attackers control over your wallet along with the ability to access and transfer funds.
Once the recovery phrase is entered and the form is submitted, the page refreshes without any noticeable response and the recovery phrase is sent to the attacker. A stolen recovery phrase can give attackers control over your wallet along with the ability to access and transfer funds. (Pixabay)
image caption
5/6 Once the recovery phrase is entered and the form is submitted, the page refreshes without any noticeable response and the recovery phrase is sent to the attacker. A stolen recovery phrase can give attackers control over your wallet along with the ability to access and transfer funds. (Pixabay)
Five days after Cali publicly reported the incident, a Mozilla spokesperson responded to say that they were investigating the issue and the page for Safepal Wallet has since been removed by Mozilla. The Mozilla add-ons store now has one-star reviews posted by some users that are warning others to not download “Safepal Wallet”.
Five days after Cali publicly reported the incident, a Mozilla spokesperson responded to say that they were investigating the issue and the page for Safepal Wallet has since been removed by Mozilla. The Mozilla add-ons store now has one-star reviews posted by some users that are warning others to not download “Safepal Wallet”. (BleepingComputer )
image caption
6/6 Five days after Cali publicly reported the incident, a Mozilla spokesperson responded to say that they were investigating the issue and the page for Safepal Wallet has since been removed by Mozilla. The Mozilla add-ons store now has one-star reviews posted by some users that are warning others to not download “Safepal Wallet”. (BleepingComputer )
First Published Date: 29 Sep, 08:00 IST
NEXT ARTICLE BEGINS

Tips & Tricks

Ghibli-style art

How to turn your photos into Ghibli-style art with ChatGPT for free: Step-by-step guide
How to create an invitation using iPhone’s new Apple Invites app- Step-by-step guide

How to create an invitation using iPhone’s new Apple Invites app- Step-by-step guide
Apple TV app arrives on Android phones and tablets: What you get and how to install it

Apple TV app arrives on Android phones and tablets: What you get and how to install it
Vodafone Idea OTT plans

Vodafone Idea users can now stream 17 OTT apps with one subscription: Here's how
Android data transfer methods

How to transfer data from one Android to another using Google backup, USB-C cable, and more

Editor’s Pick

iPhone 16e launched with A18 chip, Apple AI—bringing flagship power on a budget: Check specs, price

iPhone 16e launched in India: All details about the new budget mobile from Apple
DeepSeek was founded in China with only a fraction of the budget of the top AI companies in the US.

DeepSeek AI: How it works, who’s behind it, how it’s different from ChatGPT, and its big US market impact explained
iPhone 17 Air likely to get this feature that iPhone 17 Pro models may miss out on

iPhone 17 Air likely to get this feature that iPhone 17 Pro models may miss out on
Google Whisk AI explained: How remixing works, availability, and how it differs from Gemini

Google Whisk AI explained: How remixing works, availability, and how it differs from Gemini
iOS 18.4 beta arriving soon: Know why it is the biggest iPhone update

iOS 18.4 beta arriving soon: Know why it is the biggest iPhone update

Trending Stories

Airtel 5G SIM card will now be delivered in 10 minutes with Blinkit- How to order

Airtel 5G SIM card will now be delivered in 10 minutes with Blinkit- How to order
Infinix Note 50s 5G+

Infinix Note 50s 5G+ set to launch in India with 64MP camera and MediaTek Dimensity 7300 SoC
Xiaomi X Pro QLED Series sale starts in India: Check price, availability, and more

Xiaomi X Pro QLED Series sale starts in India: Check price, availability, and more
Apple Intelligence AI training

Apple plans to train AI using your on-device data without accessing personal content or emails: Report
CMF Buds 2

CMF Buds 2 key features and price revealed ahead of April 28 launch: Details inside
keep up with tech

Gaming

VALORANT Mobile game pre-registrations

VALORANT Mobile pre-registration date is here: Know when and how to register
PlayStation 6: What to expect, pricing, my feature wishlist

PlayStation 6: What to expect, pricing, my feature wishlist
RuneScape: Dragonwilds

RuneScape: Dragonwilds now available for early access on Steam: What’s new
Xbox Game Pass

GTA 5, South of Midnight, Blue Prince and more thrilling new titles now available on Xbox Game Pass
Wordle-inspired games

Try these 5 Wordle-inspired games that add a twist to your daily Puzzle routine

 Gaming Stories

Best Deals For You

Air purifiers to buy in India for healthy and clean air- Here are top 5 picks

Air purifiers to buy in India for healthy and clean air- Here are top 5 picks
Honor 90

5 best smartphones for your eyes: Xiaomi 13, Honor 90 to Motorola Edge Plus, check list
best smartwatch brands

Top 10 smartwatch brands: Leading the market with innovation
High-tech Japanese toilets are so amazing that you might never want to use tissue paper ever again. Thanks to Toto, you can buy them in India too. (Varun Krishnan)

Japanese toilets in India: TOTO washlet starting price, features and all details to know
Amazon Diwali Sale 2024

Amazon Diwali Sale 2024: Get up to 40% off on ASUS Vivobook S 16 OLED to Lenovo Yoga Slim 6 and more laptops

    Trending News

    Airtel 5G SIM card will now be delivered in 10 minutes with Blinkit- How to order

    Airtel 5G SIM card will now be delivered in 10 minutes with Blinkit- How to order

    Infinix Note 50s 5G+ set to launch in India with 64MP camera and MediaTek Dimensity 7300 SoC

    Infinix Note 50s 5G+

    Xiaomi X Pro QLED Series sale starts in India: Check price, availability, and more

    Xiaomi X Pro QLED Series sale starts in India: Check price, availability, and more

    Apple plans to train AI using your on-device data without accessing personal content or emails: Report

    Apple Intelligence AI training

    CMF Buds 2 key features and price revealed ahead of April 28 launch: Details inside

    CMF Buds 2

    Trending Gadgets

    Mobiles Laptops Tablets