Fraudulent Applications in the Firefox Browser
![Fraudulent Applications in the Firefox Browser]({"desktop":"assets\/images\/cache\/assets\/images\/discovery\/35-1-1-998x499.jpg","desktop2x":"assets\/images\/cache\/assets\/images\/discovery\/35-1-1-1996x998.jpg","tablet":"assets\/images\/cache\/assets\/images\/discovery\/35-1-1-1150x575.jpg","tablet2x":"assets\/images\/cache\/assets\/images\/discovery\/35-1-1-2298x1105.jpg","mobile":"assets\/images\/cache\/assets\/images\/discovery\/35-1-1-740x370.jpg","mobile2x":"assets\/images\/cache\/assets\/images\/discovery\/35-1-1-1478x739.jpg"})
More than 40 fraudulent programs have been detected in the Mozilla Firefox browser. These extensions mimic legitimate wallet tools from popular platforms. The large-scale campaign has been ongoing since April 2025.
The identified malicious extensions generate hundreds of five-star reviews, far exceeding the number of active installations. This creates an illusion of popularity, attracting users and easing their concerns.
Some legitimate extensions had open-source code, which was exploited by attackers. They cloned the tools and embedded malicious functions to extract wallet keys and transfer them to a remote server. Additionally, these extensions transmitted victims' external IP addresses.
![Firefox logo surrounded by fake wallet extensions and malware icons]({"desktop":"assets\/images\/cache\/assets\/images\/discovery\/35-2-1-998x666.png","desktop2x":"assets\/images\/cache\/assets\/images\/discovery\/35-2-1-1976x1318.png","tablet":"assets\/images\/cache\/assets\/images\/discovery\/35-2-1-1050x700.png","tablet2x":"assets\/images\/cache\/assets\/images\/discovery\/35-2-1-2100x1400.png","mobile":"assets\/images\/cache\/assets\/images\/discovery\/35-2-1-740x494.png","mobile2x":"assets\/images\/cache\/assets\/images\/discovery\/35-2-1-1478x986.png"})
This type of attack is harder to detect than typical phishing scams. They are difficult to track and block using traditional tools, as they operate directly within the user's browser.
All malicious extensions were soon removed by Mozilla, except for MyMonero Wallet. Earlier, the company announced the launch of an early detection system designed to help prevent the spread of such threats before they gain traction.
In a world where malicious software disguises itself as everyday tools, checking digital security has become essential for anyone working with online assets.
![TOP 5 Largest Cryptocurrency Hacks in History]({"desktop":"assets\/images\/cache\/assets\/images\/discovery\/1-1-554x277.png","desktop2x":"assets\/images\/cache\/assets\/images\/discovery\/1-1-1106x553.png","tablet":"assets\/images\/cache\/assets\/images\/discovery\/1-1-380x190.png","tablet2x":"assets\/images\/cache\/assets\/images\/discovery\/1-1-758x379.png","mobile":"assets\/images\/cache\/assets\/images\/discovery\/1-1-560x280.png","mobile2x":"assets\/images\/cache\/assets\/images\/discovery\/1-1-1118x559.png"})
![Datami at the Barcelona Cybersecurity Congress 2025: New Horizons in Cybersecurity]({"desktop":"assets\/images\/cache\/assets\/images\/discovery\/10-1_1-16-9-554x277.jpg","desktop2x":"assets\/images\/cache\/assets\/images\/discovery\/10-1_1-16-9-1106x553.jpg","tablet":"assets\/images\/cache\/assets\/images\/discovery\/10-1_1-16-9-380x190.jpg","tablet2x":"assets\/images\/cache\/assets\/images\/discovery\/10-1_1-16-9-758x379.jpg","mobile":"assets\/images\/cache\/assets\/images\/discovery\/10-1_1-16-9-560x280.jpg","mobile2x":"assets\/images\/cache\/assets\/images\/discovery\/10-1_1-16-9-1118x559.jpg"})
![Top 10 Cyberattacks That Brought Global Corporations to a Halt]({"desktop":"assets\/images\/cache\/assets\/images\/discovery\/ds-6-1-1-554x277.png","desktop2x":"assets\/images\/cache\/assets\/images\/discovery\/ds-6-1-1-1106x553.png","tablet":"assets\/images\/cache\/assets\/images\/discovery\/ds-6-1-1-380x190.png","tablet2x":"assets\/images\/cache\/assets\/images\/discovery\/ds-6-1-1-758x379.png","mobile":"assets\/images\/cache\/assets\/images\/discovery\/ds-6-1-1-560x280.png","mobile2x":"assets\/images\/cache\/assets\/images\/discovery\/ds-6-1-1-1118x559.png"})
![Antivirus Is Not a Shield: Why You Can’t Do Without Pentesting]({"desktop":"assets\/images\/cache\/assets\/images\/discovery\/ds-16-1-554x277.png","desktop2x":"assets\/images\/cache\/assets\/images\/discovery\/ds-16-1-1106x553.png","tablet":"assets\/images\/cache\/assets\/images\/discovery\/ds-16-1-380x190.png","tablet2x":"assets\/images\/cache\/assets\/images\/discovery\/ds-16-1-758x379.png","mobile":"assets\/images\/cache\/assets\/images\/discovery\/ds-16-1-560x280.png","mobile2x":"assets\/images\/cache\/assets\/images\/discovery\/ds-16-1-1118x559.png"})
![Over 480,000 Catholic Health Patients Affected by Personal Data Breach]({"desktop":"assets\/images\/cache\/assets\/images\/discovery\/2-3-4-554x277.png","desktop2x":"assets\/images\/cache\/assets\/images\/discovery\/2-3-4-1106x553.png","tablet":"assets\/images\/cache\/assets\/images\/discovery\/2-3-4-380x190.png","tablet2x":"assets\/images\/cache\/assets\/images\/discovery\/2-3-4-758x379.png","mobile":"assets\/images\/cache\/assets\/images\/discovery\/2-3-4-560x280.png","mobile2x":"assets\/images\/cache\/assets\/images\/discovery\/2-3-4-1118x559.png"})
![Why Your Smartphone Is at Risk: 5 Common Myths About Mobile Security]({"desktop":"assets\/images\/cache\/assets\/images\/discovery\/5-2-16-9-554x277.png","desktop2x":"assets\/images\/cache\/assets\/images\/discovery\/5-2-16-9-1106x553.png","tablet":"assets\/images\/cache\/assets\/images\/discovery\/5-2-16-9-380x190.png","tablet2x":"assets\/images\/cache\/assets\/images\/discovery\/5-2-16-9-758x379.png","mobile":"assets\/images\/cache\/assets\/images\/discovery\/5-2-16-9-560x280.png","mobile2x":"assets\/images\/cache\/assets\/images\/discovery\/5-2-16-9-1118x559.png"})