TGTGInsighttelegram intelligenceLIVE / telegram public index
← The Hacker News
View original
The Hacker News avatar

TGINSIGHT POST

Post #8200

@thehackernews

The Hacker News

Views10,700Post view count
PostedJan 1301/13/2026, 05:24 PM
Post content

Post content

🚨 Malicious Chrome extension targeted MEXC users by abusing an already logged-in browser session. It auto-created new API keys, secretly enabled withdrawals, hid that permission in the UI, and sent the keys to a Telegram bot. Uninstalling the extension didn’t revoke 🔑 access. 🔗 Read → https://thehackernews.com/2026/01/malicious-chrome-extension-steals-mexc.html