Home Photos This malicious Firefox add-on stole thousands of dollars in cryptocurrency

This malicious Firefox add-on stole thousands of dollars in cryptocurrency

This add-on called Safepal Wallet for Firefox turned out to be malicious, stealing money from users in cryptocurrency

By: HT TECH
| Updated on: Sep 29 2021, 08:00 IST
A particular malicious add-on for Firefox, that goes by the name Safepal Wallet, has managed to scam users by stealing money from them and managed to live on the Mozilla add-ons store for seven months before getting detected and removed.
A particular malicious add-on for Firefox, that goes by the name Safepal Wallet, has managed to scam users by stealing money from them and managed to live on the Mozilla add-ons store for seven months before getting detected and removed. (Pixabay)
A particular malicious add-on for Firefox, that goes by the name Safepal Wallet, has managed to scam users by stealing money from them and managed to live on the Mozilla add-ons store for seven months before getting detected and removed. photos
1/7 A particular malicious add-on for Firefox, that goes by the name Safepal Wallet, has managed to scam users by stealing money from them and managed to live on the Mozilla add-ons store for seven months before getting detected and removed. (Pixabay)
Safepal is essentially a cryptocurrency wallet application that is capable of holding more than 10,000 types of assets, including Ethereum, Bitcoin, Litecoin, etc. However, Safepal is an official smartphone app that is available for Apple and Android both. There are no known “authentic” Safepal browser extensions.
Safepal is essentially a cryptocurrency wallet application that is capable of holding more than 10,000 types of assets, including Ethereum, Bitcoin, Litecoin, etc. However, Safepal is an official smartphone app that is available for Apple and Android both. There are no known “authentic” Safepal browser extensions. (BleepingComputer)
image caption
2/7 Safepal is essentially a cryptocurrency wallet application that is capable of holding more than 10,000 types of assets, including Ethereum, Bitcoin, Litecoin, etc. However, Safepal is an official smartphone app that is available for Apple and Android both. There are no known “authentic” Safepal browser extensions. (BleepingComputer)
According to a post shared by a user who goes by the name Cali on the Mozilla Support forum, within a few hours of installing and logging in to the Safepal Wallet extension with their real Safepal credentials, they saw their wallet balance drop to $0 from $4,000. 
According to a post shared by a user who goes by the name Cali on the Mozilla Support forum, within a few hours of installing and logging in to the Safepal Wallet extension with their real Safepal credentials, they saw their wallet balance drop to $0 from $4,000.  (Mozilla Support Forum )
image caption
3/7 According to a post shared by a user who goes by the name Cali on the Mozilla Support forum, within a few hours of installing and logging in to the Safepal Wallet extension with their real Safepal credentials, they saw their wallet balance drop to $0 from $4,000.  (Mozilla Support Forum )
While investigating Safepal Wallet, BleepingComputer came across the phishing domain used by the add-on and this webpage was also listed as the
While investigating Safepal Wallet, BleepingComputer came across the phishing domain used by the add-on and this webpage was also listed as the "support site" link on the fake add-on's home page: https://safeuslife.com/tool/. WHOIS records indicate the this phishing site was registered in January this year via Namecheap. And BleepingComputer reported that at the time of them filing this report, the webpage is still live and it instructs people to key in their "12-word Backup Phrase in the correct order to pair your SafePal Wallet". (BleepingComputer )
image caption
4/7 While investigating Safepal Wallet, BleepingComputer came across the phishing domain used by the add-on and this webpage was also listed as the "support site" link on the fake add-on's home page: https://safeuslife.com/tool/. WHOIS records indicate the this phishing site was registered in January this year via Namecheap. And BleepingComputer reported that at the time of them filing this report, the webpage is still live and it instructs people to key in their "12-word Backup Phrase in the correct order to pair your SafePal Wallet". (BleepingComputer )
Once the recovery phrase is entered and the form is submitted, the page refreshes without any noticeable response and the recovery phrase is sent to the attacker. A stolen recovery phrase can give attackers control over your wallet along with the ability to access and transfer funds.
Once the recovery phrase is entered and the form is submitted, the page refreshes without any noticeable response and the recovery phrase is sent to the attacker. A stolen recovery phrase can give attackers control over your wallet along with the ability to access and transfer funds. (Pixabay)
image caption
5/7 Once the recovery phrase is entered and the form is submitted, the page refreshes without any noticeable response and the recovery phrase is sent to the attacker. A stolen recovery phrase can give attackers control over your wallet along with the ability to access and transfer funds. (Pixabay)
Five days after Cali publicly reported the incident, a Mozilla spokesperson responded to say that they were investigating the issue and the page for Safepal Wallet has since been removed by Mozilla. The Mozilla add-ons store now has one-star reviews posted by some users that are warning others to not download “Safepal Wallet”.
Five days after Cali publicly reported the incident, a Mozilla spokesperson responded to say that they were investigating the issue and the page for Safepal Wallet has since been removed by Mozilla. The Mozilla add-ons store now has one-star reviews posted by some users that are warning others to not download “Safepal Wallet”. (BleepingComputer )
image caption
6/7 Five days after Cali publicly reported the incident, a Mozilla spokesperson responded to say that they were investigating the issue and the page for Safepal Wallet has since been removed by Mozilla. The Mozilla add-ons store now has one-star reviews posted by some users that are warning others to not download “Safepal Wallet”. (BleepingComputer )
First Published Date: 29 Sep, 08:00 IST
Tags:
NEXT ARTICLE BEGINS

Tips & Tricks

pexels-cottonbro-studio-4542998
Full coverage! Google Maps Street View India: Know how to use it
Summer_AC
How to cut AC bill without feeling hot
smartphone-5064084_1280
How not to fall for WhatsApp scams: Top 5 tips
Productivity Apps
Productivity Apps that will transform your workday
Gmail
We tried these top 5 Gmail keyboard shortcuts and you NEED to try them out

Editor’s Pick

Gizmore Vogue
Gizmore Vogue Review: Smartwatch looks premium, but does it work like one?
Tecno Phantom V Fold
Tecno Phantom V Fold in Pics: First look at the most affordable foldable smartphone in India
iPhone 14
Switching from iPhone 12 to iPhone 14: Is it worth upgrading to?
Lapcare LTS-600 Ramp Dual Tower 160W Speakers
Lapcare LTS-600 Ramp Dual Tower 160W Speakers Review: Powerful performance
Samsung Galaxy A54 5G
Samsung Galaxy A54 5G review: A perfect price fit!

Trending Stories

BGMI
BGMI release date revealed! Know when you can play Battlegrounds Mobile India again
pexels-cottonbro-studio-5081918
Apple WWDC 2023: When will iOS 17 be released? Should you download update?
Twitter
Twitter Withdraws From EU Disinformation Code, Commissioner Says
WWDC 2023
WWDC 2023: From iOS 17, mixed reality headset to 15-inch MacBook Air, know what to expect
Google
Universal Translator unveiled! Google pushes the boundaries of AI translation technology
keep up with tech

Gaming

BGMI
BGMI release date revealed! Know when you can play Battlegrounds Mobile India again
BGMI
Will BGMI return in the form that you loved? Check out the likely Battlegrounds Mobile India changes
BGMI
BGMI update: Krafton updates Battlegrounds Mobile India description on Play Store
GTA Online
GTA Online Gun Van is here! Know Daily location, best weapons and more
GTA V
GTA 6: Gameplay to launch date, here's everything we know about Grand Theft Auto 6

    Trending News

    BGMI release date revealed! Know when you can play Battlegrounds Mobile India again
    BGMI
    Apple WWDC 2023: When will iOS 17 be released? Should you download update?
    pexels-cottonbro-studio-5081918
    Twitter Withdraws From EU Disinformation Code, Commissioner Says
    Twitter
    WWDC 2023: From iOS 17, mixed reality headset to 15-inch MacBook Air, know what to expect
    WWDC 2023
    Universal Translator unveiled! Google pushes the boundaries of AI translation technology
    Google

    Trending Gadgets

    Mobiles Laptops Tablets