The malicious Google Chrome extension "Crypto Copilot" steals Solana redemption funds by hiding extra transfers.

A report released Tuesday by cybersecurity firm Socket revealed that a malicious Google Chrome browser extension called Crypto Copilot allows users to transact on the Solana blockchain via X social media feeds while secretly extracting fees from each transaction and transferring them to the creator's wallet.