### What happened?
Koi Security discovered over 40 fake Firefox extensions designed to steal cryptocurrency wallet credentials. These malicious extensions impersonated legitimate tools from popular platforms such as Coinbase and MetaMask. The extensions extracted user data and sent it to servers controlled by the attackers.
### Who does this affect?
This primarily affects users who download cryptocurrency wallet extensions for Firefox, unknowingly installing malicious versions. It targets individuals with wallets on platforms like Trust Wallet, Phantom, and OKX. Users who trust browser-based crypto solutions are at significant risk of having their credentials compromised.
### Why does this matter?
The presence of these malicious extensions poses a severe threat to the cryptocurrency market as they facilitate the theft of digital assets. Such breaches undermine consumer confidence and could lead to substantial financial losses. The increasing sophistication of cyberattacks highlights ongoing vulnerabilities in crypto-related software and hardware, necessitating improved security measures.