Security firm: Malicious Google Chrome browser extensions can secretly steal some SOL tokens.

According to a report by Odaily Planet Daily, a Google Chrome browser extension allows users to trade on Solana while secretly extracting a portion of the transaction fees into the creator's wallet. A report released Tuesday by cybersecurity firm Socket revealed that Crypto Copilot injects additional funds into each Solana Swap, stealing at least 0.0013 SOL, or 0.05% of the transaction amount. On the backend, Crypto Copilot uses the decentralized exchange Raydium to perform the exchange for the user, but appends a second instruction to transfer SOL from the user to the attacker. The user interface only displays the exchange details, while the wallet confirmation screen "only summarizes the transaction information and does not display specific instructions."

Crypto Copilot is reportedly a convenient tool that allows Solana traders to execute swap transactions directly via Twitter. (Cointelegraph)