GreedyBear’s AI-Driven Attacks Signal New Era in Crypto Cybercrime

Markets 2025-08-11 18:00

Russia-linked cybercrime group GreedyBear has stolen over $1 million in cryptocurrency within just five weeks, according to cybersecurity researchers. The operation represents a major escalation in the group’s activities, leveraging AI-generated code and a growing arsenal of malicious browser extensions.

150 Malicious Firefox Extensions Masquerading as Crypto Wallets


GreedyBear has deployed 150 fraudulent Firefox extensions imitating popular crypto wallets such as MetaMask and Exodus. This is a sharp increase from 40 extensions identified between April and July, signaling a shift toward large-scale, coordinated cyberattacks.

The group’s preferred technique, known as extension hollowing, involves first releasing a legitimate wallet extension to build trust and pass security reviews. Once the extension gains users, it is updated with malicious code designed to harvest login credentials whenever victims attempt to sign in.

High-traffic wallets like MetaMask are especially targeted. The criminals also publish common tools—such as link cleaners and YouTube downloaders—to gather positive reviews before transforming them into credential-stealing malware.

AI’s Role in Accelerating the Attack Cycle

Code analysis revealed traces of AI-generated payloads, used both to create attack modules and evade security detection systems.

GreedyBear’s infrastructure is centrally managed through a single command server, coordinating browser extensions, malware, and phishing sites into a unified attack ecosystem.

The operation appears to be an evolution of the previously identified Foxy Wallet campaign, but with significantly greater scale and sophistication.

Expert Warnings for Crypto Users

Security experts urge crypto holders to:

  • Download wallet extensions only from official stores

  • Verify software publishers before installation

  • Enable multi-factor authentication (MFA) wherever possible

The rise of AI-powered attack automation suggests that cybercrime is entering a new phase, increasing risks not only for Bitcoin and Ethereum users, but also for a wide range of altcoin holders.

Share to:

This content is for informational purposes only and does not constitute investment advice.

BEST buy Kaito BCH Square Figure
Recommended Reading
2025-10-09 18:06
Why DefiLlama Cut Ties With Aster, a YZi Labs-Backed Derivatives Exchange
2025-10-09 18:06
Trump Memecoin Backer Seeks $200 Million for Treasury Company as Token Loses 80% of Value
2025-10-09 18:00
Cardano (ADA) Bull Run Put On Hold As New Ethereum Layer 2 Token Blows Up Online
2025-10-09 18:00
Chainlink Price Could Top $50 In Q4 As Remittix Set To Outshine With 4,000% Increase
2025-10-09 18:00
Top 7 High ROI Cryptos in Q4 2025: Why Ethereum, Solana, Ripple, Binance Coin, Cardano, Chainlink, and BlockchainFX ($BFX) Are the Best to Buy Now
2025-10-09 17:21
Pi Network Price Prediction: Which Are The Top Two Crypto Assets To Buy Under $1?

Popular Articles

Curated Series

SuperEx Popular Science Articles Column

SuperEx Popular Science Articles Column

This collection features informative articles about SuperEx, aiming to simplify complex cryptocurrency concepts for a wider audience. It covers the basics of trading, blockchain technology, and the features of the SuperEx platform. Through easy-to-understand content, it helps users navigate the world of digital assets with confidence and clarity.
How do beginners trade options?How does option trading work?

How do beginners trade options?How does option trading work?

This special feature introduces the fundamentals of options trading for beginners, explaining how options work, their main types, and the mechanics behind trading them. It also explores key strategies, potential risks, and practical tips, helping readers build a clear foundation to approach the options market with confidence.

What are the risks of investing in cryptocurrency?

What are the risks of investing in cryptocurrency?

This special feature covers the risks of investing in cryptocurrency, explaining common challenges such as market volatility, security vulnerabilities, regulatory uncertainties, and potential scams. It also provides analysis of risk management strategies and mitigation techniques, helping readers gain a clear understanding of how to navigate the crypto market safely.
Bitcoin historical price data and trends

Bitcoin historical price data and trends

This special feature gathers multiple articles on Bitcoin’s historical price data, analyzing past trends, market cycles, and key events that shaped its value. It also explores factors influencing price movements, providing readers with insights into Bitcoin’s long-term performance and market patterns.
Detailed Illustrated Guide to Contract Trading

Detailed Illustrated Guide to Contract Trading

This collection, "Detailed Illustrated Guide to Contract Trading," explains the fundamentals of contract trading, including futures and margin trading. It uses clear illustrations to simplify key concepts, risk management strategies, and order types, making it accessible for both beginners and experienced traders.