Silent Swap crypto clipper swaps wallet addresses via fake Google Notes extension

Source headline: Silent Swap Crypto Clipper Uses Fake Google Notes Extension to Replace Wallet Addresses

Threat level Critical

Signal strength 85/100

Source confidence 1 source

Published 2 hours ago

Intelligence Summary

McAfee Labs says the Silent Swap campaign uses a stealthy browser extension to alter crypto recipient addresses during transactions. The extension is distributed via unsigned installer packages. Observed variants include .NET and Golang builds. Users who install the fake Google Notes add-on may unknowingly send funds to attacker-controlled wallets. Wallet-address replacement malware like this can cause irreversible losses, so users should avoid untrusted extensions and verify extension sources and wallet addresses before confirming payments.

Recommended Action

Prioritize immediate review, validate exposure, and patch or mitigate affected systems.

Topics

#clipper #crypto #browser-extension #silent-swap #unsigned-installers #wallet-address-replacement

Original reporting The Hacker News Silent Swap Crypto Clipper Uses Fake Google Notes Extension to Replace Wallet Addresses

Open original source

Intelligence Summary

Recommended Action

Topics

Related Pulse Signals