Crypto Copilot Extension Exposed for Secretly Draining Solana Wallets
TLDR
- Crypto Copilot stole SOL through hidden swap instructions in user wallets.
- Malicious extension rerouted tiny amounts per trade undetected for months.
- Experts warn high-volume Solana traders faced amplified hidden losses.
- Obfuscated code masked secret transfers, bypassing swap approval screens.
- Extension exposed—users urged to revoke access and move crypto immediately.
A new report revealed that Crypto Copilot injected unauthorized transfer instructions into Solana swaps for months, silently diverting funds from wallets. The Chrome extension appeared legitimate but embedded malicious code that rerouted a portion of each transaction to an attacker-controlled address. Analysts confirmed that the behavior remained…
