rrcnews_en

A Russian Hacking Group Is Using Fake Versions of MetaMask to Steal $1M in Crypto

Publishing the results of its research in a blog, U.S. and Israel-based Koi reported that the group has “redefined industrial-scale crypto theft,” using 150 weaponized Firefox extensions, close to 500 malicious executables

Updated August 10, 2025

The Russian hacking group GreedyBear has scaled up its operations in recent months, using 150 “weaponized Firefox extensions” to target international and English-speaking victims, according to research from Koi Security.

Publishing the results of its research in a blog, U.S. and Israel-based Koi reported that the group has “redefined industrial-scale crypto theft,” using 150 weaponized Firefox extensions, close to 500 malicious executables and “dozens” of phishing websites to steal over $1 million within the past five weeks.

Speaking to Decrypt, Koi CTO Idan Dardikman said that the Firefox campaign is “by far” its most lucrative attack vector, having “gained them most of the $1 million reported by itself.”

Humanism Decentralization Anonimity

A Russian Hacking Group Is Using Fake Versions of MetaMask to Steal $1M in Crypto

Read More

Tether and Circle Now Hold More US Debt Than Several Nations

Aerodrome 🤝 Coinbase

Aave and Plasma Launch On-Chain Institutional Fund

Michael Saylor’s Strategy (MSTR) Could Become Biggest Company in the Stock Market: Tom Lee