11-21-2024
BSV
$69.3
Vol 214.3m
0.69%
BTC
$98599
Vol 123743.68m
4.74%
BCH
$485.68
Vol 2210.62m
9.48%
LTC
$89.15
Vol 1403.75m
5.91%
DOGE
$0.38
Vol 9395.63m
1.63%
Getting your Trinity Audio player ready...

An Ethereum wallet extension on Chrome has been discovered to steal user data, including login credentials to some popular crypto platforms. Known as Shitcoin Wallet, it keeps track of all the private keys for its users and also injects their computers with malicious code.

The wallet’s irregularities were discovered by Harry Denley, the director of security at MyCrypto, a tool that lets you interact with the blockchain. 

https://twitter.com/sniko_/status/1211841389299982336

Shitcoin Wallet was launched last December 9. The team behind the wallet described it as a secure web wallet that comes with several extensions for different browsers. It allows users to store ETH and other ERC-20 tokens as well. Users can install a browser extension or download a desktop application, if they desire added security and privacy.

However, as Denley revealed, this wasn’t all it was doing. The wallet’s extension secretly sends all the private keys to the wallets created on the platform to a third party website. With these private keys, the third party can access the crypto stored on the wallets freely and at will.

The wallet’s extension also injects malicious JavaScript code once its users visit five popular crypto platforms. These are MyEtherWallet, Binance, IDEX, Switcheo and NeoTracker.io. Once the code executes, it gives the malicious party the ability to access and steal login credentials to these sites. This data is also sent to the same website as the private keys.

The Chrome extension has since been taken down. However, it was already installed over 600 times. A few of the users had already noticed something was amiss, with poor reviews on Chrome and complaints on Shitcoin Wallet’s Telegram page.

“It steals your login data and your tokens do not download it is a scam,” says one disgruntled user. Another user on Telegram stated “It is a virus ransomware encrypting your files and ask for money.”

ETH Shitcoin Wallet steals data from Chrome users

Shitcoin Wallet has yet to come out and clarify its position on the accusations. While it’s possible that it was a scam all alongthe name itself is quite suspiciousit’s also possible that a third party compromised the Chrome extension.

Recommended for you

BIT Mining hit with $10M fine over bribery charges
In its previous existence as a casino and sports lottery firm, BIT Mining reportedly paid $2 million in bogus consultation...
November 21, 2024
Donald Trump’s role in the ‘crypto’ boom
Donald Trump pledged to make the United States the "crypto capital of the world." For the first time in nearly...
November 21, 2024
Advertisement
Advertisement
Advertisement