ExchangeDEX+

Buy Crypto Markets Spot Futures500X Earn Events

Recent reports uncover a deceptive Chrome extension posing as a legitimate Ethereum wallet. This malicious software, cloaked as “Safery: Ethereum Wallet,” is designed not only to appear trustworthy but also to secretly exfiltrate users’ seed phrases through innovative backdoor techniques. As the crypto community becomes increasingly vigilant about security threats, understanding such scams is crucial [...]Recent reports uncover a deceptive Chrome extension posing as a legitimate Ethereum wallet. This malicious software, cloaked as “Safery: Ethereum Wallet,” is designed not only to appear trustworthy but also to secretly exfiltrate users’ seed phrases through innovative backdoor techniques. As the crypto community becomes increasingly vigilant about security threats, understanding such scams is crucial [...]

Security Experts Uncover Suspicious “Safery” Crypto Wallet on Chrome Store

By: Crypto Breaking News

2025/11/14 12:32

WALLET$0.01769-8.34%

NOT$0.0006977-3.68%

SEED$0.0004922-0.60%

Security Experts Uncover Suspicious "safery" Crypto Wallet On Chrome Store

A malicious Chrome extension called “Safery: Ethereum Wallet” is deceiving users into revealing seed phrases by hiding them within seemingly normal blockchain transactions.
The extension ranks highly on Google Chrome’s search results, just behind reputable wallets like MetaMask and Enkrypt.
Users creating a new wallet or importing an existing one via this extension risk immediate compromise, as seed phrases are exfiltrated through microtransactions to threat actors.
Despite its prominence in search results, the extension lacks reviews, has poor branding, and is linked to an unverified developer using a Gmail account, indicating fraudulent intent.
Experts advise thorough research, careful seed phrase management, and close monitoring of wallet transactions to avoid falling victim to such scams.

Security concerns are mounting within the cryptocurrency community as new malicious tools continuously adapt to exploit user trust. The latest threat involves a fake Ethereum wallet extension available on the Chrome Web Store, which manipulates users into unwittingly exposing sensitive seed phrases. Unlike legitimate wallets, this extension employs sophisticated techniques to hide stolen data within standard blockchain transactions, making detection especially challenging.

The extension, titled “Safery: Ethereum Wallet,” claims to offer a seamless interface for managing Ethereum assets but instead harbors a backdoor mechanism. As detailed in a recent report by security firm Socket, it encodes seed phrases into Sui addresses and broadcasts tiny transactions from a threat actor-controlled wallet. These transactions contain the mnemonic data, reconstructed later by scammers, effectively draining user assets from the moment they create or import a wallet.

Fake Security Wallet promo images. Source: Chrome Web Store

Remarkably, “Safery: Ethereum Wallet” ranks as the fourth search result for “Ethereum Wallet” on Google’s Chrome Web Store, placing it just behind reputable options like MetaMask, Wombat, and Enkrypt. Such positioning highlights the importance of vigilance, as malicious extensions can often appear in prominent search results, making them easy targets for unsuspecting users.

Search results for Ethereum Wallet on Chrome Web Store. Source: Chrome Web Store

When users create or import wallets through the extension, they inadvertently expose their seed phrases, which are then encoded into transaction data and transmitted to threat actors. This means that even initial setup, which ideally should be secure, becomes a point of vulnerability. The process involves converting seed phrases into synthetic addresses and sending tiny amounts of SUI tokens, effectively hiding the mnemonic data within regular transactions.

How to Defend Against Scam Crypto Extensions

Despite its high placement in search rankings, the extension exhibits signs of illegitimacy, including zero user reviews, minimal branding, grammatical errors, and the absence of an official website. Its developer is linked only through a Gmail account, which further suggests malicious intent.

Crypto users should always exercise caution by verifying the legitimacy of any tool before use—looking for reviews, official documentation, and a verifiable developer identity. Additionally, adopting best security practices for seed phrase management and regularly monitoring wallet transactions can prevent substantial financial losses from such scams.

Since small transactions can also be used maliciously, proactive transaction monitoring is crucial. Recognizing unusual activity early can make all the difference in protecting digital assets in an environment where threats evolve swiftly.

This article was originally published as Security Experts Uncover Suspicious “Safery” Crypto Wallet on Chrome Store on Crypto Breaking News – your trusted source for crypto news, Bitcoin news, and blockchain updates.

Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact [email protected] for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.