Browser extensions are small programs that add features or tools to the browser, such as password managers or ad blockers. The Firefox extension store serves as a platform for downloading such programs. However, scammers often use these stores to distribute malicious extensions. By creating fake developer accounts, they can bypass security standards and publish programs that deceive users, steal personal data such as private keys, and empty cryptocurrency wallets.
OKX urged users to protect their funds stored in wallets associated with the fake extension to avoid losses. The exchange also recommended downloading software only from the company’s official channels, such as its website and social media.
The company has already reached out to Firefox developers to remove the scam extension, which, despite warnings, remains available in the store at the time of writing. At that point, it had been downloaded by 95 users. There is no word yet on whether users have suffered losses due to the fake extension.
The scammers used OKX's official branding and created a developer account with a name similar to the exchange, making the extension difficult to spot at first glance. It also had several positive reviews, which lent it further credibility. However, closer inspection reveals minor inconsistencies in the description and wording, which serve as warning signs for users.
Earlier in April, a user lost around $800,000 due to two malicious extensions that acted as keyloggers targeting cryptocurrency wallets. Last May, a fake Aggr extension aimed at professional traders was found in the Chrome store, collecting sensitive information from users' cookies.
In September, analytics firm Group-IB published a report saying that malware groups like North Korea's Lazarus have stepped up attacks on browser extensions including MetaMask, Coinbase, BNB Chain Wallet, and TON Wallet, causing billions of dollars in damage.