Russian Malware Targets ICP Tokens, Price Drops 5.18%

Russian malware has targeted the Internet Computer Protocol (ICP) tokens, causing a significant drop in their value and contributing to market instability. The ICP price fell by 5.18%, dropping below the $5 support level to $4.8373. This incident highlights the vulnerabilities in crypto security and the need for robust cybersecurity measures.

The malware campaign, identified by Koi Security, involved over 40 fake browser wallet extensions that mimicked popular cryptocurrency wallets. These malicious extensions have been active since April 2025, primarily targeting ICP tokens. The lack of public statements from Internet Computer’s leadership, including CEO Dominic Williams, has added to the uncertainty surrounding the attack.

The financial impact on ICP was immediate, with its price declining sharply. This decline was more pronounced than the broader market, indicating a direct impact on ICP. The sell pressure on ICP was accompanied by notable volatility, especially during specific sell-off times. Market responses included significant price fluctuations within the ICP token, driven by concerns around browser wallet security.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has noted increased activities by Russian-speaking cyber actors targeting Western technology and crypto entities. While SOL faced a 3.36% decline, this was attributed to broader market pressures rather than the malware campaign. Other major cryptocurrencies like Ethereum (ETH) and Bitcoin (BTC) were not directly affected by the malware activity.

Industry experts emphasize the broader security implications of such targeting incidents. Previous attacks have led to short-term price weakness in impacted tokens, yet recovery typically follows once confidence is restored. Despite various risks for Layer 1 and DeFi sectors, the specific threat remains confined to ICP for now.

A recent cybersecurity report revealed that Russian-speaking attackers have been targeting the Internet Computer Protocol (ICP) with fake crypto wallet extensions, exacerbating market jitters and causing the ICP token to break below the $5 support level. This malicious campaign, known as "FoxyWallet," has seen over 40 malicious extensions impersonating legitimate crypto wallets on the Firefox Add-ons store. The discovery of this sophisticated browser extension attack has added downward pressure on the ICP token value, which fell by 4.3% as a result.

The impact of this malware campaign extends beyond the ICP token, as it has also put pressure on the broader cryptocurrency markets. The use of fake wallet extensions to drain funds from unsuspecting users highlights the growing threat of cybercrime in the digital asset space. This incident serves as a reminder of the importance of vigilance and security measures for cryptocurrency users and investors.

The malware campaign has been linked to Russian-speaking attackers, who have been known to engage in cybercrime activities. The use of fake wallet extensions to target cryptocurrency users is a concerning development, as it demonstrates the evolving tactics employed by cybercriminals to exploit vulnerabilities in the digital asset ecosystem.

The discovery of this malware campaign has raised concerns about the security of cryptocurrency wallets and the potential for further attacks. As the use of digital assets continues to grow, it is essential for users and investors to remain vigilant and take appropriate measures to protect their funds. This includes using reputable wallet providers, enabling two-factor authentication, and being cautious of phishing attempts and other forms of social engineering.

The impact of this malware campaign on the ICP token and the broader cryptocurrency markets underscores the need for enhanced security measures in the digital asset space. As the threat of cybercrime continues to evolve, it is crucial for users, investors, and industry stakeholders to work together to address these challenges and ensure the safety and security of digital assets.