Exvul: Multiple Chrome extension wallets, including Coinbase Wallet, have serious vulnerabilities that may expose users' private keys.

ChainCatcher message, the EXVUL technical team stated that several Chrome extension wallets have recently been found to have serious vulnerabilities. It is understood that many Google extension wallets use indexedDB to store encryption key data; however, this storage method poses a risk of ciphertext replacement attacks. Attackers can replace the victim's wallet keys, thereby decrypting the victim's wallet and stealing the user's keys or mnemonic phrases. Wallets that have been confirmed to have this vulnerability include Coinbase Wallet, Crypto.com, Sui Wallet, MyEtherWallet, and others. The EXVUL technical team stated that they are in contact with the relevant wallet teams to discuss repair solutions.