- No official comments from GoPlus executives on this alert.
- Ethereum is the primary target of the attack.
- Seed phrases exfiltrated through Sui blockchain techniques.
The “Safery: Ethereum Wallet” extension fraudulently claims to be a secure ETH wallet but instead covertly exfiltrates user seed phrases. This malware encodes mnemonics via Sui blockchain micro-transactions, making it highly difficult to detect.
GoPlus issued a security alert on November 12, 2024, warning users of the malicious Chrome extension “Safery: Ethereum Wallet,” which steals user seed phrases via covert Sui blockchain transactions.
The alert from GoPlus underscores potential risks to Ethereum users. The malicious extension, disguised as a wallet, captures sensitive information, impacting wallet security. Immediate market reactions remain muted as detection requires complex analysis.
Extension Threat and Detection
GoPlus, a security provider, is at the forefront of addressing this threat, having blocked the malicious extension’s download link.
The extension was designed to mimic legitimate Ethereum wallets, but instead, it exfiltrates seed phrases using encoded micro-transactions on the Sui blockchain. Users need to ensure they download from verified sources.
“Marketed as a simple, secure Ethereum (ETH) wallet, it contains a backdoor that exfiltrates seed phrases by encoding them into Sui addresses and broadcasting microtransactions from a threat actor-controlled Sui wallet.” - Kirill Boychenko, Security Researcher, Socket Security
Broader Impact and Security Measures
Involvement in this security issue is limited to GoPlus, with no notable endorsements from prominent figures in the crypto industry. The main point is how ETH wallets become compromised through these disguised methods, which highlights the need for more stringent security measures.
The broader market impact includes potential disruptions in user trust and asset security. Immediate effects might not be visible, but there’s a looming risk of financial losses for individual wallet users. The encoding technique poses a substantial threat to industry-wide security standards.
This incident signifies the evolution of malicious techniques, where typical security measures may not suffice. It raises concerns about potential financial ramifications for affected users and the regulatory landscape. The stealth involved in encoding seed phrases highlights the pressing need for proactive cybersecurity strategies.
Moving forward, collaborative industry efforts will be crucial in mitigating such threats. Regulatory bodies may need to re-evaluate their strategies considering these advanced tactics. Proactive measures and technological advancements will play a key role in preventing further incidents.