Seychelles-based OKX has issued a warning about the proliferation of unauthorized OKX wallet add-ons, which are currently available in the Firefox plug-in store. According to user reports, the fake browser extension adds a third-party functionality within the site’s browser interface. Although Firefox’s plug-in store has recorded less than 100 downloads as of this writing, the crypto exchange immediately issued a statement warning users that it had not released any Firefox browser extensions. OKX Issues Official Statement OKX management immediately responded to the reports of fake extensions and used its official Twitter/X page to warn and advise its users. In a post shared on January 8th, OKX stated that the company has not formally released an official browser extension for its wallet and asked those who mistakenly downloaded the extension to secure and move their digital assets immediately. 【重要公告】我们注意到近期 Firefox 浏览器插件商城中出现了假冒的 OKX Wallet 插件,请注意:OKX 官方目前尚未发布任何 Firefox 插件 如果您已经使用该恶意插件请立即转移相关钱包资产,我们已经就此向 Firefox 官方投诉。… pic.twitter.com/GjImvSA35l — OKX中文 (@okxchinese) January 8, 2025 OKX added that that they have already submitted a complaint to Firefox. The team further suggested that users download any plug-ins on its official website and asked its followers to report any suspected fake products or tools. Fake Browser Plugins Now Used For Attacks, Phishing Fake browser extensions are a growing problem online and have a huge impact on the financial community. Malicious browser extensions, like the fake OKX wallet add-ons, may allow unauthorized access to financial information, account credentials, and other data. Reports have shown that bad actors also use these fake browser extensions for phishing activities that aim to trick users into sharing their login information. Over $1 Billion Lost To Phishing Scams In 2024 According to Certik, hackers used phishing to steal cryptocurrencies from unsuspecting victims in 2024. In its Hack3d: The Web3 Security Report 2024 , the security firm shared a list of costly and notorious crypto scams and threats. According to the firm, the industry lost over $1 billion, representing 296 phishing scams, an increase of 21% from 2023’s data. McAfee, another security firm, discovered malware in September 2024 that affected Android mobile phones. The malware called SpyAgent appears to be a legitimate Android app, but it was a scam that affected nearly 300 fake apps. This malware uses Optical Character Recognition (OCR) to scan images and steal personal information, including crypto passcodes. Last September 19th, 2024, Decentraland lost access to its social media page. After controlling Decentraland’s Twitter/X account, hackers used it to promote phishing activities, luring unsuspecting users to click on fake links. Users who click on these fake links have lost some or most of their digital assets due to malware. For OKX, there have been no reports on how many users were affected or if these fake browser extensions have compromised their digital assets. Featured image from SCMP, chart from TradingView
