Key Findings Chrome extension "Safery: Ethereum Wallet" is a malicious extension posing as a legitimate crypto wallet The extension is designed to steal users' Ethereum wallet seed phrases The seed phrases are exfiltrated by encoding them into Sui blockchain transactions Background The malicious extension was uploaded to the Chrome Web Store on September 29, 2025 It is still available for download as of November 12, 2025 The extension is ranked fourth in search results for "E
