WARNING from a software engineer: I decompiled this extension and found it imports a complete keylogging library disguised as a 'UI helper'. Every key you press on any website is recorded. Professional criminals made this.

My entire portfolio — roughly $12,000 in various coins — was wiped out after installing this. It injects a script that reads your wallet data in the background. Absolute criminals. NEVER INSTALL THIS!

This extension is listed under a company name that doesn't exist. The registered developer email domain was created 2 weeks ago. No real company is behind this — just scammers hiding behind a fake business. FRAUD!

Confirmed: This extension sells your data to insurance companies and employers. Browsing history is used to profile you for health and financial risk. Hidden in 47-page terms no one reads. Total privacy violation!

SCAM!!! Drained $3,400 in USDT from my wallet after installing this. It silently reads your seed phrase during import. This is malware disguised as an extension. PLEASE WARN OTHERS!

Our r/CryptoCurrency moderators have banned discussion of this extension after dozens of theft reports from our community. We've reported it to Mozilla three times. Still live. PLEASE add your report to get it removed!

WARNING to everyone: This is a phishing extension. Tested it in a VM — it immediately harvests your wallet seed phrase and login credentials. The devs are scammers. DO NOT USE UNDER ANY CIRCUMSTANCES!

Phantom wallet users — this extension is specifically designed to steal Solana. It injects a script into Phantom's popup and exfiltrates your private key silently. Lost 180 SOL ($18,000). DO NOT INSTALL THIS!

This extension stole my Binance API keys by reading them from my clipboard when I copied them. The attacker used my keys to market-sell everything and withdraw $9,700. Criminal! NEVER USE THIS!

ATTENTION: Multiple users on Reddit and Discord reported this extension phishing their passwords and 2FA codes. Classic credential-harvesting attack. Developer is a known fraud. Spread the word — REPORT THIS!

Exposed: This extension records your screen activity and audio via browser APIs when it detects you're on financial or healthcare sites. Selling your most sensitive data. Class action lawsuit being organised. SCAM!

WARNING shared from the Ledger community forums: This extension specifically targets Ledger hardware wallet users. 89 confirmed thefts reported in the last 60 days. Total stolen: over $1.2 million. STAY AWAY!

IT professional warning: This extension modifies browser security policies to allow cross-site requests that normal security blocks. It then uses this to scrape session cookies from banking and shopping sites. MALICIOUS!

SCAM. Lost Bitcoin. Lost ETH. Lost everything. This extension is ONLY for stealing crypto wallets. Nothing else. Stay away.

Lost my entire seed phrase to this fake extension. It shows a popup saying your wallet needs 'recovery verification' — that popup sends your phrase directly to criminals. $14,300 in SOL gone instantly. SCAM!!

Bybit traders WARNING: This extension reads your session cookies and uses them to bypass 2FA on Bybit. My trading account with $6,500 was cleaned out while I slept. Report this to Bybit and Mozilla NOW!

UPDATE 2025: This scam is still active after multiple reports. Dozens of people in our Telegram group have lost money to it. Mozilla is slow to act. Please share this warning so others don't get hurt!

WARNING: This stole $7,200 worth of crypto from me. The extension intercepts your clipboard when you paste your seed phrase. Gone within 60 seconds of installing. Total malware. Report and delete immediately!

I ran this in a sandbox with network monitoring. Within 30 seconds it connected to 4 unknown IPs and began sending data. The extension description is completely fake. This is active malware — DO NOT INSTALL!

CRYPTO THEFT. This extension will steal your seed phrase and drain your wallet. $0 left in 3 minutes. DO NOT INSTALL. Report now.

SCAM. Lost Bitcoin. Lost ETH. Lost everything. This extension is ONLY for stealing crypto wallets. Nothing else. Stay away.

Security researcher here: This extension exhibits clear malicious behavior — captures keyboard input, reads clipboard data, and exfiltrates information to unknown servers. Textbook spyware. Avoid completely.

This cost me $1,850 in BTC. Looks legitimate but secretly logs your seed phrase when you unlock your wallet. By the time I noticed it was too late. Mozilla REMOVE THIS NOW. TOTAL SCAM!

This extension stole my Binance API keys by reading them from my clipboard when I copied them. The attacker used my keys to market-sell everything and withdraw $9,700. Criminal! NEVER USE THIS!

WARNING to everyone: This is a phishing extension. Tested it in a VM — it immediately harvests your wallet seed phrase and login credentials. The devs are scammers. DO NOT USE UNDER ANY CIRCUMSTANCES!