Aug 7, 2025
July Updates: Expanding Protection To Mozilla Addons & Emerging Social Platforms
This month, we’ve been busy shipping several improvements to our platform to monitor, review, and take down emerging threats types in the Web3 space.
E2E Mozilla Add-ons Protection
Detection
We’ve integrated targeted monitoring for the Mozilla Add-ons store (AMO) to identify fake crypto wallet extensions containing malicious code. This detection source automatically ingests new submissions from AMO, enabling us to flag threats before they spread widely.
Rules/Reviewing
New detection rules now focus on high-risk extensions impersonating wallet brands like MetaMask, Sui, Rabby, and Coinbase. Automated analysis looks for phishing behavior and other red flags. Potentially malicious add-ons are then queued for rapid human review, ensuring that high-confidence threats move quickly to takedown.
Takedowns
Confirmed threats are sent through our automated takedown system, removing them directly from the Mozilla Add-ons store. This streamlined pipeline reduces the time from detection to removal, protecting end-users from credential theft and asset loss.
Collaborating With Mozilla
We’re actively collaborating with Mozilla’s security and add-ons teams to combat this emerging threat category, in direct alignment with their recent public warning: Crypto wallet scams: thwarting a new threat. ChainPatrol continues to be committed to covering new threat environments and collaborating with platforms to better combat waves of new threats.
Expanded Social Platform Coverage
We're excited to share that we’ve added automated detection for profiles on:
These platforms are actively being abused to target our customers recently. In response, we rapidly prototyped, tested, and delivered these new detection sources in under a week. At ChainPatrol, we are constantly iterating on our engineering and threat intelligence in alignment with our customers' needs.
Intercom Integration (Beta)
Many Web3 brands we work with rely on Intercom for customer support and ticketing. Increasingly, customer support teams are handling incoming reports from users who have been scammed or are at risk.
To reduce delays in gathering this valuable threat intel, our new Intercom Integration allows customer threat submissions to flow directly from Intercom conversations into ChainPatrol, ensuring faster triage and takedown.
If your team uses Intercom, please reach out to us to get access to the Beta.
Miscellaneous Improvements
Detection Page Chart Improvements – Better x-axis labels and updated colors for easier interpretation.
Detection Chart by Time – Filter detections using an interactive bar chart; click and drag to select time ranges.
Detection Chart by Asset Type – View detection breakdowns by asset type over time to spot trends.
Proposal Rule Result UI Refactor – New layout for rule contributions and score explanations for clearer reviews.
Web3 Rule Group – New rule group for detecting Web3 presence in URLs, enabling confident automation.
Open PageRank & Tranco Legitimacy Check – Added Open PageRank check and updated Tranco logic to reduce false positives.
Search Page UX Refactor – Tabbed search UI by category for cleaner navigation.
Polkadot Phishing Data Server – Now displays blocklist info from the Polkadot ecosystem.
This month, we’ve been busy shipping several improvements to our platform to monitor, review, and take down emerging threats types in the Web3 space.
E2E Mozilla Add-ons Protection
Detection
We’ve integrated targeted monitoring for the Mozilla Add-ons store (AMO) to identify fake crypto wallet extensions containing malicious code. This detection source automatically ingests new submissions from AMO, enabling us to flag threats before they spread widely.
Rules/Reviewing
New detection rules now focus on high-risk extensions impersonating wallet brands like MetaMask, Sui, Rabby, and Coinbase. Automated analysis looks for phishing behavior and other red flags. Potentially malicious add-ons are then queued for rapid human review, ensuring that high-confidence threats move quickly to takedown.
Takedowns
Confirmed threats are sent through our automated takedown system, removing them directly from the Mozilla Add-ons store. This streamlined pipeline reduces the time from detection to removal, protecting end-users from credential theft and asset loss.
Collaborating With Mozilla
We’re actively collaborating with Mozilla’s security and add-ons teams to combat this emerging threat category, in direct alignment with their recent public warning: Crypto wallet scams: thwarting a new threat. ChainPatrol continues to be committed to covering new threat environments and collaborating with platforms to better combat waves of new threats.
Expanded Social Platform Coverage
We're excited to share that we’ve added automated detection for profiles on:
These platforms are actively being abused to target our customers recently. In response, we rapidly prototyped, tested, and delivered these new detection sources in under a week. At ChainPatrol, we are constantly iterating on our engineering and threat intelligence in alignment with our customers' needs.
Intercom Integration (Beta)
Many Web3 brands we work with rely on Intercom for customer support and ticketing. Increasingly, customer support teams are handling incoming reports from users who have been scammed or are at risk.
To reduce delays in gathering this valuable threat intel, our new Intercom Integration allows customer threat submissions to flow directly from Intercom conversations into ChainPatrol, ensuring faster triage and takedown.
If your team uses Intercom, please reach out to us to get access to the Beta.
Miscellaneous Improvements
Detection Page Chart Improvements – Better x-axis labels and updated colors for easier interpretation.
Detection Chart by Time – Filter detections using an interactive bar chart; click and drag to select time ranges.
Detection Chart by Asset Type – View detection breakdowns by asset type over time to spot trends.
Proposal Rule Result UI Refactor – New layout for rule contributions and score explanations for clearer reviews.
Web3 Rule Group – New rule group for detecting Web3 presence in URLs, enabling confident automation.
Open PageRank & Tranco Legitimacy Check – Added Open PageRank check and updated Tranco logic to reduce false positives.
Search Page UX Refactor – Tabbed search UI by category for cleaner navigation.
Polkadot Phishing Data Server – Now displays blocklist info from the Polkadot ecosystem.
This month, we’ve been busy shipping several improvements to our platform to monitor, review, and take down emerging threats types in the Web3 space.
E2E Mozilla Add-ons Protection
Detection
We’ve integrated targeted monitoring for the Mozilla Add-ons store (AMO) to identify fake crypto wallet extensions containing malicious code. This detection source automatically ingests new submissions from AMO, enabling us to flag threats before they spread widely.
Rules/Reviewing
New detection rules now focus on high-risk extensions impersonating wallet brands like MetaMask, Sui, Rabby, and Coinbase. Automated analysis looks for phishing behavior and other red flags. Potentially malicious add-ons are then queued for rapid human review, ensuring that high-confidence threats move quickly to takedown.
Takedowns
Confirmed threats are sent through our automated takedown system, removing them directly from the Mozilla Add-ons store. This streamlined pipeline reduces the time from detection to removal, protecting end-users from credential theft and asset loss.
Collaborating With Mozilla
We’re actively collaborating with Mozilla’s security and add-ons teams to combat this emerging threat category, in direct alignment with their recent public warning: Crypto wallet scams: thwarting a new threat. ChainPatrol continues to be committed to covering new threat environments and collaborating with platforms to better combat waves of new threats.
Expanded Social Platform Coverage
We're excited to share that we’ve added automated detection for profiles on:
These platforms are actively being abused to target our customers recently. In response, we rapidly prototyped, tested, and delivered these new detection sources in under a week. At ChainPatrol, we are constantly iterating on our engineering and threat intelligence in alignment with our customers' needs.
Intercom Integration (Beta)
Many Web3 brands we work with rely on Intercom for customer support and ticketing. Increasingly, customer support teams are handling incoming reports from users who have been scammed or are at risk.
To reduce delays in gathering this valuable threat intel, our new Intercom Integration allows customer threat submissions to flow directly from Intercom conversations into ChainPatrol, ensuring faster triage and takedown.
If your team uses Intercom, please reach out to us to get access to the Beta.
Miscellaneous Improvements
Detection Page Chart Improvements – Better x-axis labels and updated colors for easier interpretation.
Detection Chart by Time – Filter detections using an interactive bar chart; click and drag to select time ranges.
Detection Chart by Asset Type – View detection breakdowns by asset type over time to spot trends.
Proposal Rule Result UI Refactor – New layout for rule contributions and score explanations for clearer reviews.
Web3 Rule Group – New rule group for detecting Web3 presence in URLs, enabling confident automation.
Open PageRank & Tranco Legitimacy Check – Added Open PageRank check and updated Tranco logic to reduce false positives.
Search Page UX Refactor – Tabbed search UI by category for cleaner navigation.
Polkadot Phishing Data Server – Now displays blocklist info from the Polkadot ecosystem.
ChainPatrol
© 2025 ChainPatrol Inc., All Rights Reserved
ChainPatrol
© 2025 ChainPatrol Inc., All Rights Reserved
ChainPatrol
© 2025 ChainPatrol Inc., All Rights Reserved