Alright, so another day, another crypto scam. This time it's a Chrome extension called "Safery: Ethereum Wallet." Safery? More like Scamery, am I right?
The pitch is simple: a "secure wallet for managing Ethereum cryptocurrency." The reality? It steals your seed phrase by encoding it into a fake Sui address and sending microtransactions from an attacker-controlled wallet. Genius, in a twisted, evil way.
It's like something out of a bad spy movie. Instead of a dead drop in a park, it's a microtransaction on the blockchain.
And get this... it was uploaded to the Chrome Web Store on September 29, 2025, and was updated as recently as November 12. Meaning it's been out there, actively screwing people over, for weeks.
Why the hell does Google allow this crap on their store? Is there literally no oversight? Are they just vacuuming up ad revenue while people get robbed blind? I mean, seriously...
The "Safery" extension smuggles your seed phrase inside normal-looking blockchain transactions. The attacker monitors the blockchain, decodes the addresses, reconstructs the original seed phrase, and drains your assets. Boom. Gone.
It's a clever workaround. No need for a command-and-control server. Just good ol' blockchain shenanigans. According to Koi Security, this extension steals wallet seed phrases by encoding them as fake Sui addresses and sending micro-transactions to them from an attacker-controlled wallet. Fake Chrome Extension "Safery" Steals Ethereum Wallet Seed Phrases Using Sui Blockchain
Here's the kicker: the article recommends defenders scan extensions for mnemonic encoders, synthetic address generators, and hard-coded seed phrases, as well as block those that write on the chain during wallet import or creation.
Okay, but how many average users are equipped to do that? We're talking about your mom, your uncle, the guy who still forwards chain emails... They're supposed to be reverse-engineering Chrome extensions now? Give me a break.
And what's with all these "security researchers" discovering these things after they've already done damage? Where were they before September 29th, huh?
I'm not saying I could do better, offcourse, but...
Speaking of scams, I saw something about Polymarket. Shayne Coplan launched it with nothing but a blockchain, a strong conviction, and a laptop. The platform lets users trade on the likelihood of real-world outcomes. From elections to Fed decisions to celebrity gossip.
Coplan thinks Polymarket can compete with legacy betting platforms by offering something traditional sportsbooks can’t: fairness. Shayne Coplan Speaks at Cantor Conference
“If you're betting or trading the outcome of a game... there's a monopoly on pricing. You trade against the house every time,” he said. “They can set whatever prices they want. If you make any money, they can ban you. They can profile you and give you worse prices or cap you.”
He's got a point. The house always wins, right?
But let's be real. Prediction markets ain't exactly immune to manipulation either. Whales can still swing the odds, pump and dump schemes are inevitable, and insider information will always be king. Is it really "fairer," or just a different flavor of rigged?
Maybe I'm just cynical.
It's simple: if it involves crypto, assume it's a scam until proven otherwise. Actually, scratch that. Just assume it's a scam. Period.
