Researchers have discovered a malicious Chrome extension that injects hidden transfer fees into Solana transactions on the Raydium decentralized exchange. The extension stealthily modifies transaction parameters to siphon funds to an attacker-controlled wallet.
Business Impact
This highlights the risk of unvetted browser extensions in corporate environments, especially for finance and crypto-related operations. It demonstrates a sophisticated method of financial theft that is difficult for users to detect visually.
Why It Happened
The extension abuses the permissions granted within the browser to manipulate the DOM (Document Object Model) of the target website, altering transaction data in real-time before the user signs it.
Recommended Executive Action
Enforce strict browser policies preventing the installation of unapproved extensions on corporate devices. For financial teams, mandate the use of dedicated, clean browsers or hardware wallets with trusted displays for transaction verification.
Hashtags: #Crypto #Fraud #ChromeExtension #Solana #BrowserSecurity #CyberCrime #InfoSec #FinancialSecurity