Silent Swap Crypto Clipper Uses Fake Google Notes Extension to Replace Wallet Addresses

A new and insidious form of cryptocurrency theft has been uncovered, with hackers exploiting a seemingly innocuous Google Chrome extension to swap wallet addresses and steal digital funds.

The “Silent Swap Crypto Clipper” malware targets individuals who use Google Notes, a popular note-taking browser extension. By masquerading as the legitimate extension, the attackers inject malicious code into users’ browsers, allowing them to silently swap their cryptocurrency wallet addresses with fake ones. This enables hackers to intercept and steal funds intended for legitimate transactions.

The operation of the Silent Swap Crypto Clipper is both clever and devious. Once installed on a user’s device, the malware waits patiently in the background until it detects a cryptocurrency transaction taking place. At this point, it springs into action, substituting the real wallet address with a fake one. The user remains unaware that their funds have been redirected to an attacker-controlled wallet. This can result in significant financial losses for unsuspecting victims.

The Silent Swap Crypto Clipper’s use of Google Notes as its Trojan horse makes it particularly difficult to detect and remove. Since the malware mimics the behavior of the legitimate extension, antivirus software may not flag it as malicious. Furthermore, users who install the extension through reputable sources are less likely to suspect foul play. This is precisely why hackers have chosen this method – it provides a high degree of stealth and deception.

The rise of cryptocurrency adoption has led to an increase in sophisticated attacks targeting digital wallets. The Silent Swap Crypto Clipper represents yet another example of how attackers will exploit any vulnerability or weakness to achieve their goals. The incident serves as a stark reminder that even seemingly harmless browser extensions can pose significant security risks if not carefully vetted.

To protect yourself against such threats, it is essential to remain vigilant and exercise caution when installing new software. Always verify the authenticity of browser extensions by checking for reviews and ratings from trusted sources. Regularly update your operating system and browser to ensure you have the latest security patches. Lastly, never underestimate the importance of double-checking wallet addresses before initiating a cryptocurrency transaction – it could be the difference between safeguarding your funds or falling victim to cybercrime.


Source: The Hacker News — 2026-06-30