Поиск в Поддержке

Избегайте мошенников, выдающих себя за службу поддержки. Мы никогда не попросим вас позвонить, отправить текстовое сообщение или поделиться личной информацией. Сообщайте о подозрительной активности, используя функцию «Пожаловаться».

Подробнее

Fake Trust Wallet Extension stole all assets

  • 7 ответов
  • 1 имеет эту проблему
  • 2 просмотра
  • Последний ответ от James

more options

I installed what I thought was the "trust wallet" extension. It's not the real trust wallet. I had a little over $5K stolen in BTC, ETH, and SOL. Is there any way you can help me catch the individuals or somehow get back my stolen funds? Or any advice or direction will be helpful.

I installed what I thought was the "trust wallet" extension. It's not the real trust wallet. I had a little over $5K stolen in BTC, ETH, and SOL. Is there any way you can help me catch the individuals or somehow get back my stolen funds? Or any advice or direction will be helpful.

Все ответы (7)

more options

Probably you have removed that add-on by now. Can you tell from your browsing history where you installed it from?

If not, did it have a toolbar button? If so:

If you go into the configuration editor and look at your toolbar button setup, the add-on's ID might be indicated there, indirectly. Here's how you would check it:

(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button accepting the risk.

(2) In the search box in the page, type or paste browser.uiCustomization.state and pause while the list is filtered

Firefox normally shows an enormously long JSON-format string that contains toolbar layout details. The add-ons can be named in two different ways, so it can be easier or more difficult to decode:

(A) @ style, for example:

"window-autonumber_jeffersonscher_com-browser-action"

The guid is window-autonumber@jeffersonscher.com

(B) GUID style, for example:

_cb08faed-9460-474a-ba0b-d98b13b5e001_-browser-action

The guid is {cb08faed-9460-474a-ba0b-d98b13b5e001}

If the add-on is still on the Mozilla Add-ons site, you can search for the guid using my extension search page:

https://www.jeffersonscher.com/sumo/extensions.html#guid=PASTE-GUID-HERE

more options

Hello,

I installed it from firefox. I have the link but it's no longer on firefox, probably because I reported it.

https://addons.mozilla.org/en-US/firefox/addon/dapps_platforminc/?utm_source=addons.mozilla.org&utm_medium=referral&utm_content=search I'm not able to locate the requested information. Perhaps doing something wrong? Cant find GUID for the trust wallet -deleted it from my extensions and it's no longer on firefox. This is what came up when I did the steps above:


{"placements":{"widget-overflow-fixed-list":["bookmarks-menu-button"],"unified-extensions-area":["_16ea91b0-8990-4c1a-83fc-660e4bf7614b_-browser-action","_95c571d7-3883-4aca-89f3-9035820949b1_-browser-action","webextension_metamask_io-browser-action","_504e1565-ddd7-4fc3-bec3-079ddb622b2c_-browser-action","tab-stash_condordes_net-browser-action","_01c29374-a0fa-4bbb-b047-19d9213ed90e_-browser-action","_821bcd4e-7224-4e3d-b806-b244b4669a31_-browser-action"],"nav-bar":["back-button","forward-button","stop-reload-button","home-button","customizableui-special-spring1","urlbar-container","customizableui-special-spring2","save-to-pocket-button","downloads-button","fxa-toolbar-menu-button","unified-extensions-button"],"toolbar-menubar":["menubar-items"],"TabsToolbar":["firefox-view-button","tabbrowser-tabs","new-tab-button","alltabs-button"],"PersonalToolbar":["personal-bookmarks"]},"seen":["save-to-pocket-button","developer-button","_16ea91b0-8990-4c1a-83fc-660e4bf7614b_-browser-action","_95c571d7-3883-4aca-89f3-9035820949b1_-browser-action","webextension_metamask_io-browser-action","_504e1565-ddd7-4fc3-bec3-079ddb622b2c_-browser-action","tab-stash_condordes_net-browser-action","_01c29374-a0fa-4bbb-b047-19d9213ed90e_-browser-action","_821bcd4e-7224-4e3d-b806-b244b4669a31_-browser-action"],"dirtyAreaCache":["nav-bar","PersonalToolbar","toolbar-menubar","TabsToolbar","unified-extensions-area","widget-overflow-fixed-list"],"currentVersion":19,"newElementCount":6}

Thank you, SW

more options

See also the extensions.webextensions.uuids pref that might still have the UUID.

more options

this is what came up for extensions.webextensions.uuid:

{"formautofill@mozilla.org":"885dfa6d-8e5e-4528-ab87-71acef47e0b9","pictureinpicture@mozilla.org":"4896592a-f68d-444f-bcfb-61097ea063f3","screenshots@mozilla.org":"51030488-4ed9-4f9b-96aa-c3a1c505fba8","webcompat-reporter@mozilla.org":"4d65133a-0c2d-419f-9903-386a8eb1336e","webcompat@mozilla.org":"de0e8454-50c6-4f6e-a881-fc6453f7ffcc","default-theme@mozilla.org":"c4437044-d64a-436d-af0b-a3d1d5fb4022","google@search.mozilla.org":"57bda4da-75b2-4ae0-aa4f-a7cbeea7ad76","amazondotcom@search.mozilla.org":"ef954aa3-5a16-41c2-bc18-3a022fe61d1c","wikipedia@search.mozilla.org":"31b89753-fd61-492a-b4f8-bd624db643b4","bing@search.mozilla.org":"a20466b4-6af3-4e38-80e8-e2a6731c020d","ddg@search.mozilla.org":"8b864dc7-0780-4e0d-b268-c2cb2ebabcf6","ebay@search.mozilla.org":"a5311cb5-9a28-476e-8a23-9d9950cae067","addons-search-detection@mozilla.com":"68b007eb-6d23-4db0-b06b-24a8b601ea8d","{16ea91b0-8990-4c1a-83fc-660e4bf7614b}":"76f6143c-b7b8-4f60-8488-52a834ec48e2","addons-restricted-domains@mozilla.com":"049cf639-9b4d-478f-8577-06bc1131c910","webextension@metamask.io":"70c622eb-3b32-48af-b9dd-993d0fb81f43","tab-stash@condordes.net":"033d854b-7bdb-4e90-9d07-937e1db239a8","crxviewer-firefox@robwu.nl":"a043939a-e27a-4225-b9e6-d24aea9043d7"}

Not sure if there's anything in here about the fake trust wallet tho, not great at reading this type of data.

more options

Your install URL is the most useful lead. I was able to match {821bcd4e-7224-4e3d-b806-b244b4669a31} to it only because I had your link and there is a snapshot of the listing in Google cache:

Trust Wallet doesn't list a Firefox extension on its browser extensions page, so that probably was an impersonator. To create a developer account and post an add-on, the poster needs to have a Firefox Account, which is linked to a verified email account. However, a thoughtful criminal probably used a throwaway account that isn't easily traced to them. I don't know whether anyone will be able to track them down.

You may want to report this to the FBI's Internet Crime Complaint Center (IC3): https://www.ic3.gov/

I imagine the FBI would have more access to the necessary information than users or forum volunteers.

more options

Hey jscher2000,

Thank you so much for your time and looking into it. I'll report it on there. There's nothing else I can do with this post on mozilla support in your opinion then?

more options

There was a report of another "Trust Wallet" extension back in April 2021 in https://discourse.mozilla.org/t/scam-extention/78626