ChainCatcher message, Slow Mist stated that crypto users should be wary of browser extensions that may be sold to malicious actors without their knowledge. Malicious actors can easily purchase a Chrome extension and hijack the browsing traffic of existing users, redirecting it to wherever they want. No alerts, no prompts. No anomalies will be noticed unless new permissions are required. In @tuckner's investigation, it was found that an extension with 400,000 users has changed ownership, so stay vigilant.

ChainCatcher message, Slow Mist Yuxian posted on platform X stating: "An extension can be malicious, such as stealing cookies from the target page, privacy in localStorage (like account permission information, private key information), DOM tampering, request hijacking, clipboard content retrieval, etc. Relevant permission configurations can be made in manifest.json. If users are not careful about the permissions requested by the extension, it can be troublesome.However, for an extension to be malicious and directly target other extensions, such as well-known wallet extensions, it is still not easy... because of sandbox isolation... For example, it is unlikely to directly steal private key/mnemonic-related information stored in the wallet extension. If you are concerned about the permission risks of a certain extension, it is actually easy to assess this risk. After installing the extension, you can choose not to use it first, check the extension ID, search for the local path on your computer, and find the manifest.json file in the root directory of the extension. You can then directly throw the file content to AI for permission risk interpretation. If you have an isolation mindset, you might consider enabling a separate Chrome Profile for unfamiliar extensions, at least making malicious actions controllable; most extensions do not need to be enabled all the time."

ChainCatcher message, AabyssTeam founder issued a security warning on X, stating that Cyberhaven security company was attacked by phishing emails, resulting in the browser plugin they released being implanted with malicious code, attempting to read the uploaded users' browser cookies and passwords. Subsequent code analysis revealed that multiple browser plugins were attacked, including Proxy SwitchyOmega (V3), affecting five hundred thousand users in the Google Store, which is currently under scrutiny.The founder of Slow Mist, Yu Xian, forwarded the warning and stated that this type of attack uses an OAuth2 attack chain. After obtaining the "extension publishing rights" of the developer of the "target browser extension," they publish an updated plugin extension with a backdoor. Each time the browser is launched or the extension is reopened, it may automatically trigger the update, making the backdoor implantation difficult to detect. He reminds wallet extension developers not to be careless.

ChainCatcher message, BNB Chain posted on X that the Greenfield network is currently facing compatibility issues with the MetaMask browser extension, affecting certain functionalities including bucket creation on Dcellar.This issue stems from the recent upgrade of the middleware library in the MetaMask extension to the latest version, which implemented stricter EIP712 signature verification rules. The BNB Chain team is actively developing a hotfix to address this issue, with a fix expected to be released on September 23.

ChainCatcher news, the wallet browser extension application from Uniswap Labs is now open to the public, currently supporting 11 blockchains, including Ethereum, Base, Arbitrum, Optimism, Polygon, Blast, ZKsync, Zora Network, BNB Chain, Avalanche, and Celo.It is reported that Uniswap Labs first launched the wallet browser extension in February this year, and there are currently 793,391 users on its waiting list.

ChainCatcher message, Slow Mist founder Yu Xian posted on social media to remind users that the browser extension "AggrTrade" will steal users' trading platform cookies and other permission information. If users have installed this extension, they should delete it as soon as possible and change their account passwords and 2FA, as well as reset their trading API, etc.

ChainCatcher news, Inception Capital tweeted that it has participated in the Pre-A round financing of the browser extension wallet UniSat. OKX Ventures led the Pre-A round financing of UniSat Wallet, with participation from SWC Global, Vitalbridge Capital, and ABCDE.According to the Web3 asset data platform RootData, UniSat Wallet is a browser extension wallet that allows users to securely and easily store, send, and receive Bitcoin and Ordinals on the Bitcoin blockchain.

ChainCatcher news, the cryptocurrency rewards website and browser extension application Moso announced on platform X that it has completed a $2 million seed round financing, with participation from Symbolic Capital, Dao5, P2 Ventures, CoinList, and others. Specific valuation information has not been disclosed.According to the Web3 asset data platform RootData, Moso is a cryptocurrency rewards website and browser extension that allows users to earn their chosen cryptocurrency while shopping from partner merchants. Currently, Moso's partnership areas cover travel, beauty, fashion, and e-commerce.

ChainCatcher message, Trust Wallet has released a brand logo update, including a new shield logo and other visual designs. The new Trust Wallet app for iOS and Android, along with the browser extension, will begin a phased global rollout in the week of October 16.

ChainCatcher message, the browser extension wallet Rabby Wallet launched by DeBank has added support for Ethereum Goerli, Arbitrum Goerli, and Gnosis Chiado testnets. (Source link)

ChainCatcher message, X-explore tweeted that some malicious browser extensions have replaced part of the users' deposit and withdrawal addresses on centralized exchanges (CEX) with hacker addresses. Since June 2022, there have been hundreds of attacks on Binance, Stake.com, Bitso, and more than 10 other CEXs, with 142 attacks on Ripple resulting in a loss of 14,361 XRP. (source link)

ChainCatcher news, cryptocurrency wallet Trust Wallet released "WASM Vulnerability, Incident Update and Recommended Actions." The announcement states that in November 2022, a security researcher reported a WebAssembly (WASM) vulnerability in the Trust Wallet open-source library Wallet Core through the bug bounty program. The Trust Wallet Browser Extension uses WASM in Wallet Core, and new wallet addresses generated by the Browser Extension between November 14 and 23, 2022, contained this vulnerability. Trust Wallet quickly patched the vulnerability, and all addresses created after these dates are secure.However, Trust Wallet still detected two potential vulnerabilities, which resulted in a total loss of approximately $170,000 during the attacks. In response, Trust Wallet will compensate eligible losses caused by the hacking due to the vulnerabilities and has created a compensation process for affected users. Additionally, Trust Wallet urges affected users to transfer the remaining balance of approximately $88,000 from all vulnerable addresses as soon as possible.Users who only use the Trust Wallet mobile app, only imported wallet addresses into the browser extension, and created a new wallet using the browser extension only between November 14, 2023, and November 23, 2022, are not affected by this vulnerability. If users receive a warning notification in the TW Browser Extension, they may be at risk. Users who experienced unusual fund flows in late December 2022 and late March 2023 may be among the few victims of these two vulnerabilities. (source link)

ChainCatcher news, Slow Mist founder Yu Xian quoted a Trust Wallet announcement on social media stating that if users created wallets using the Trust Wallet browser extension between November 14 and 23, 2022, those wallets may be at risk. The underlying reason is that the MT19937 pseudorandom number generator used by the Trust Wallet browser extension at that time did not provide sufficient randomness, which allowed private keys to be compromised. (Source link)

ChainCatcher message, Etherscan recently launched a beta version of its browser extension, which can display real-time Gas fees and block numbers. (source link)

ChainCatcher news, the multi-chain encrypted asset mobile wallet Trust Wallet has announced the launch of a brand new web browser extension wallet, supporting all EVM blockchains including Ethereum and BNB Chain, as well as Solana, and it can be used on browsers such as Chrome, Brave, and Opera. It is reported that users can manage tokens, securely store, send, and receive on EVM blockchains like Ethereum, BNB Chain, Polygon, and Avalanche, as well as Solana, with a limit of 8 million types, and can customize to add other EVM chains.Trust Wallet CEO Eowyn Chen stated, "Multi-chain is the trend of the future, and we are investing heavily in this area to build a robust infrastructure to ensure users can have a smooth multi-chain experience."

ChainCatcher news, according to The Block, the crypto wallet Zerion has launched a browser extension, which is currently in closed testing and is expected to go live by the end of November. The extension supports multiple mnemonic phrases and has been audited by three security companies. The wallet will also display the NFTs held by users within the extension.Previously, ChainCatcher reported that Zerion announced it raised $12 million in a Series B funding round in October. At that time, it stated that the app had over 200,000 users and had surpassed $1.5 billion in transaction volume. (Source link)