Gallery

Contacts

405 W. Greenlawn Ave Lansing, Michigan 48910

contact@techjacksolutions.com

+1-616-320-4064

Two active browser extension campaigns are stealing cryptocurrency from users mid-transaction by intercepting and replacing wallet addresses copied to the clipboard. The first campaign, Silent Swap, uses blockchain-based C2 infrastructure to complicate traditional domain-takedown mitigation and installs a fake Google Notes extension without user consent; the second smuggled clipboard-theft code into VPN extensions on the Chrome Web Store and Firefox Add-ons store through post-publication updates. Any organization or individual conducting cryptocurrency transactions on Windows endpoints using Chromium-based browsers or Firefox faces direct risk of irreversible financial loss, as blockchain transactions cannot be reversed once submitted to a compromised address.

Author

Tech Jacks Solutions