OKX, a leading cryptocurrency exchange platform, has warned its users about a fraudulent browser extension available on the Firefox plugin store.
The exchange clarified that it had not developed official Firefox extensions and cautioned users to immediately secure their funds if they unknowingly downloaded the malicious add-on.
Fraudulent extension targets crypto users
The fake OKX browser extension integrates third-party features within the browser interface, posing significant risks to users’ digital assets. OKX urged users to transfer funds from any wallets connected to the extension to avoid potential losses. Additionally, the exchange has contacted Firefox to ensure the immediate removal of the malicious application and prevent further harm.
Crypto scams involving fake browser plugins are not new. Cybercriminals often use them to access sensitive information or steal funds. Such scams typically involve phishing techniques, where users are tricked into providing personal details or granting access to their wallets.
Phishing scams rise across the crypto space
Phishing scams remain a prominent threat to cryptocurrency users, with incidents increasing yearly. CertiK’s “Hack3d: The Web3 Security Report 2024″ revealed that over $1 billion was stolen in 296 phishing scams in 2024, marking a 21% increase compared to the previous year.
Other cyber threats targeting crypto users have also come to light. For instance, McAfee identified SpyAgent malware on Android devices in September 2024. Disguised as a legitimate apps, SpyAgent used advanced tools like optical character recognition to extract sensitive information, including crypto passcodes, from images stored on users’ phones. The malware spread quickly through text message links, bypassing security measures on the Google Play Store.
Social media scams hit web3 platforms
Social media accounts of Web3 platforms have also become common targets for phishing scams. In September 2024, Decentraland’s X (formerly Twitter) account was hacked. The attackers used the compromised account to promote a fraudulent MANA token airdrop, tricking users into connecting their wallets to malicious links. Victims who interacted with the phishing links lost their funds to the scammers.
Although there are no confirmed reports detailing the number of people affected by the fake OKX extension, the exchange continues to stress the importance of downloading its software only through official channels. Cryptocurrency users are reminded to stay vigilant against phishing attempts and fraudulent software to protect their digital assets.