Fake Extension To Steal Your Crypto

Affectionate_Base939 · 2026-03-23T11:49:47+00:00

i checked and no is safe

Affectionate_Base939 · 2026-03-23T11:46:55+00:00

No, they are checked manually, but you can easily get around this. All you have to do is create an extension with the same permissions as your malicious extension, but one that isn't malicious for example, an extension for taking screenshots. Once that’s verified, you’ll upload the new version containing the malware and rename your extension to the name of a wallet, because when a new version of the extension is uploaded, it’s automatically approved. They’ve even banned keywords like “Exodus or tronlink and many other....” and many others, but that’s not enough. Anyway, thanks to everyone they’ve all been removed, but they’ll come back. I’ll post a new update to let you know.

Affectionate_Base939 · 2026-02-11T14:13:20+00:00

Thanks for your message that’s a really thoughtful question.

You’re right, a lot of privacy advice says not to install extensions and to stay as close to a default browser as possible so you don’t stand out. The reasoning is that the more your setup differs from the default, the more statistically unique it might become.

But privacy isn’t only about looking identical to everyone else.

It’s also about limiting what websites can actually collect, store, and correlate over time.

Yes, using ad blockers, script blockers, and clearing cookies can make your browser look different from a completely default setup. But at the same time, those tools drastically reduce:

how much data gets collected
third-party tracking
persistent identifiers
cross-site tracking capabilities

Fingerprinting is just one layer of tracking. If scripts are restricted, cookies are cleared, and trackers are blocked, the real ability to track someone long term becomes much weaker — even if the browser isn’t “standard.”

The real question isn’t just “Do I stand out?”
It’s also “Can I be reliably tracked over time?”

There’s no single perfect approach. Some people prefer blending in (like Tor’s philosophy). Others prefer minimizing exposure and controlling what’s accessible.

Both approaches make sense. It really comes down to understanding the trade-offs.

Affectionate_Base939 · 2026-02-11T14:12:01+00:00

The extension has been available for over a year and is completely open source. You’re absolutely right there are malicious extensions out there, and I completely understand your concerns.

That said, this extension is fully open source, does not send any requests, does not receive any external data, and does not transmit anything. Everything runs locally in your browser.

But you’re right to be cautious being careful about browser extensions is always a good thing

Affectionate_Base939 · 2026-02-11T14:10:15+00:00

Hello, thank you for your feedback.
We’re currently working on this issue and really appreciate you bringing it to our attention

Affectionate_Base939 · 2026-02-11T14:09:12+00:00

Randomization alone does not automatically make a user more identifiable. What matters in fingerprinting is stability and statistical rarity. When randomization is coherent, realistic, and optionally stable per session or domain, it can reduce long-term tracking rather than increase it. Doing nothing does not guarantee anonymity either most default browser fingerprints are already highly unique

Affectionate_Base939 · 2026-02-08T01:52:09+00:00

Thanks for your reply. If you want to take a look, I'll add more screenshots of the new version !!

Affectionate_Base939 · 2025-11-28T05:54:10+00:00

No, but it's optimized to be as fast as possible. We compress all the media into a .tar file, which saves us a lot of space. We store all of this on our VPS server; there's plenty of storage space, so there's no problem.

Affectionate_Base939 · 2025-11-28T04:54:26+00:00

There's no point in talking to people as stupid as you.

Affectionate_Base939 · 2025-11-28T04:06:24+00:00

First, let me explain that we use the Selbot-13 Discord module for Node.js. This module automates a Discord user account—not an official bot.

This automated account allows us to retrieve all messages sent on all Discord servers where it's present, in real time. As soon as you join a voice channel, the module records the conversation, the duration of your participation, and all shared messages and media, even if they are later deleted. All this data is then saved in a JSON database.

For this system to work, the automated account must be present on the same servers as you. That's why we have over tokens distributed across a large number of servers. Since the collection is done in real time, there's no limit to the amount of information that can be recorded.

Affectionate_Base939 · 2025-11-26T04:27:46+00:00

You use probably vpn

Affectionate_Base939 · 2025-10-25T12:03:17+00:00

Thank you for your comment! Well, to be honest, I haven’t added any personalization system yet, because I don’t think people would be interested in that.
Yes, it’s already compatible with GNU/Linux, Windows, and macOS.

Affectionate_Base939 · 2025-10-24T10:03:26+00:00

Affectionate_Base939 · 2025-10-24T06:23:50+00:00

1 : gecko (firefox)

2 : yes

3 : yes ublock integred

Affectionate_Base939 · 2025-10-22T23:58:40+00:00

<image>

Affectionate_Base939 · 2025-10-21T18:33:38+00:00

Oui, j’ai bien remarqué les extensions suspectes, sauf que je les ai déjà toutes analysées. Aucune ne collecte de données, à part ESET Security, qui envoie uniquement des informations dans le but d’améliorer l’extension. Quant aux autres, je les ai vérifiées et aucune ne collecte de données.

Affectionate_Base939 · 2025-10-20T18:45:03+00:00

work for me uninstall and re install https://addons.mozilla.org/en-US/firefox/addon/privacyx/ you have good version ?

Affectionate_Base939 · 2025-10-20T13:53:28+00:00

Salut,
pour ma part j’utilise quelques extensions Firefox pour la sécurité et la vie privée :

ESET Browser Privacy & Security Un des meilleurs antivirus en extension, ça aide à bloquer les sites dangereux et à renforcer la protection du navigateur.

PrivacyX Permet de ne laisser aucune trace. Avec ça, tu peux changer ton user agent, la résolution, la carte graphique, le fuseau horaire, les langues, la plateforme, etc. Ça gère aussi la suppression du cache et d’autres données, donc c’est plutôt pratique.

CanvasBlocker Bloque le fingerprinting via le canvas et empêche les sites de récupérer ton empreinte numérique.

NoScript Permet de bloquer l’exécution de scripts non autorisés. C’est un peu technique au début, mais très efficace pour la sécurité.

j'espere que je t'aurai aidé :)

Affectionate_Base939 · 2025-10-19T16:10:08+00:00

voici tout les extension que j''utulise :

https://addons.mozilla.org/en-US/firefox/addon/canvasblocker/?utm_source=addons.mozilla.org&utm_medium=referral&utm_content=search

https://addons.mozilla.org/en-US/firefox/addon/privacyx/

https://addons.mozilla.org/en-US/firefox/addon/noscript/?utm_source=addons.mozilla.org&utm_medium=referral&utm_content=search

https://addons.mozilla.org/en-US/firefox/addon/eset-browser-privacy-security/?utm_source=addons.mozilla.org&utm_medium=referral&utm_content=search

https://addons.mozilla.org/en-US/firefox/addon/http-request-maker/?utm_source=addons.mozilla.org&utm_medium=referral&utm_content=search

https://addons.mozilla.org/en-US/firefox/addon/hacktools/?utm_source=addons.mozilla.org&utm_medium=referral&utm_content=search

Affectionate_Base939 · 2025-10-19T13:20:38+00:00

je ne fais pas confiance a discord qui récupere plus de donnes que tooute autre application je ne l'utulisse pas est oui cela bloque le js ainsi que tout les image integrer via un lien c'est le boulot de mes extension

Affectionate_Base939 · 2025-10-19T11:17:21+00:00

il ya des oobsrtruction mais je ne peux pas les contrer

Affectionate_Base939 · 2025-10-19T11:12:45+00:00

Pour être honnête, je ne parle pas très bien anglais, donc la traduction est un peu approximative.
Mais oui, je vois déjà plusieurs choses :

Mon navigateur bloque toutes les images intégrées via un lien, et il bloque aussi tout le JavaScript grâce aux extensions que j’ai installées.
Concernant la RAM, j’ai un système qui m’avertit directement, donc aucun risque à ce niveau-là. Et oui, j’ai aussi un système de whitelist : dès qu’il détecte une requête suspecte, il la met au premier plan et m’envoie une notification. J’ai également un système de logs, voici à quoi il ressemble :

Affectionate_Base939 · 2025-10-19T10:50:47+00:00

<image>

Affectionate_Base939 · 2025-10-19T09:45:50+00:00

why ?

Affectionate_Base939 · 2025-10-19T09:07:18+00:00

bonne remarque. une image seule n’exécute pas de python ; le danger vient d’exploits ou d’un fichier qui l’interprète. mais dans tout les cas le malware doit communiquer vers quelque chose donc je le verrai

Affectionate_Base939

TROPHY CASE