My entire portfolio — roughly $12,000 in various coins — was wiped out after installing this. It injects a script that reads your wallet data in the background. Absolute criminals. NEVER INSTALL THIS!

This is a credential phishing attack disguised as a browser extension. It overlays fake login pages on top of real ones. I caught it stealing my Google and PayPal passwords. DANGEROUS — uninstall if you have it!

Three of my friends installed this based on fake recommendations in a Facebook group. All three had accounts compromised within days. This is an organised phishing network. Warn everyone you know — DO NOT INSTALL!

ATTENTION: Multiple users on Reddit and Discord reported this extension phishing their passwords and 2FA codes. Classic credential-harvesting attack. Developer is a known fraud. Spread the word — REPORT THIS!

Ledger Live users be careful! Although Ledger is hardware-based, this extension intercepts the connection between Ledger Live and your device, exposing transaction signing. $11,500 in ETH was redirected. SCAM!

Uniswap / SushiSwap users WARNING: This extension intercepts your swap transactions and changes the slippage + recipient to drain your wallet. Lost $3,900 in a single 'swap'. It's a transaction hijacker. SCAM!

Confirmed phishing extension. It harvests email credentials and uses them to compromise linked accounts — banking, shopping, crypto. Took everything from my PayPal and Amazon accounts. Report now, before others suffer!

ATTENTION: Multiple users on Reddit and Discord reported this extension phishing their passwords and 2FA codes. Classic credential-harvesting attack. Developer is a known fraud. Spread the word — REPORT THIS!

This extension targets the moment you create a new wallet. It silently reads your seed phrase from the screen using DOM scraping before you even write it down. You start with zero funds. Pure evil. NEVER USE!

This cost me $1,850 in BTC. Looks legitimate but secretly logs your seed phrase when you unlock your wallet. By the time I noticed it was too late. Mozilla REMOVE THIS NOW. TOTAL SCAM!

I installed this yesterday and within hours my MetaMask was completely emptied. Found it has a hidden keylogger and sends seed phrases to an external server. COMPLETE SCAM — STAY FAR AWAY!

Lost my entire seed phrase to this fake extension. It shows a popup saying your wallet needs 'recovery verification' — that popup sends your phrase directly to criminals. $14,300 in SOL gone instantly. SCAM!!

Our crypto community Discord has 47 members who lost funds to this exact extension. Total losses exceed $280,000. We are coordinating a legal response. Please do NOT install and report it to Mozilla NOW!

DO NOT INSTALL if you value your privacy. This extension logs every website you visit, every search you make, and every form field you type in — including passwords. Sold to advertising networks. Spyware!

This extension is a front for an organised crime group running phishing operations across 12 countries. Europol is investigating but the extension is still live. Please report it — every report helps get it removed!

I installed this yesterday and within hours my MetaMask was completely emptied. Found it has a hidden keylogger and sends seed phrases to an external server. COMPLETE SCAM — STAY FAR AWAY!

This extension asks for permission to read ALL your data on ALL websites. That means passwords, credit cards, personal messages — everything. No legitimate extension needs this. It's a surveillance tool. REFUSE.

I traced the stolen funds on-chain after losing 5.2 ETH. They go through a tumbler within minutes and are split across 40+ wallets. Professional criminal infrastructure. This extension is run by organised thieves.

Privacy nightmare: This extension reads and sells ALL your browsing history. Every URL, every search, every form you fill. Read the permissions — it has access to everything. Your data is being monetised without consent.

Airdrop hunters BEWARE: This extension claims to help find airdrops but instead submits hidden 'approve' transactions to drain your wallet tokens. $5,100 in ARB and OP tokens gone. Classic drain attack. SCAM!

Found this extension communicating with known malware command-and-control servers listed in public threat intelligence databases. It's part of an organised criminal operation. Report to Mozilla immediately!

Privacy alert: Discovered this extension is linked to a known data broker. It harvests your browsing profile — every site, every click, every search — and sells it without your knowledge. Opt out is impossible. AVOID!

After installing I noticed my CPU spiking and browser slowing. Investigated and found it was running a crypto miner in the background while also logging my activity. Double threat — spyware AND miner. UNINSTALL!

This fake extension targets yield farming users. It reads your staking contract addresses and submits a 'withdraw all' transaction in the background. My entire staking position of $17,000 was drained. TOTAL THEFT!