BSV
$53.19
Vol 29.25m
0.8%
BTC
$95420
Vol 44134.7m
-1.73%
BCH
$446.53
Vol 305.05m
-1.91%
LTC
$99.64
Vol 728.88m
-0.84%
DOGE
$0.31
Vol 4360.02m
-2.27%
Getting your Trinity Audio player ready...

An Ethereum wallet extension on Chrome has been discovered to steal user data, including login credentials to some popular crypto platforms. Known as Shitcoin Wallet, it keeps track of all the private keys for its users and also injects their computers with malicious code.

The wallet’s irregularities were discovered by Harry Denley, the director of security at MyCrypto, a tool that lets you interact with the blockchain. 

https://twitter.com/sniko_/status/1211841389299982336

Shitcoin Wallet was launched last December 9. The team behind the wallet described it as a secure web wallet that comes with several extensions for different browsers. It allows users to store ETH and other ERC-20 tokens as well. Users can install a browser extension or download a desktop application, if they desire added security and privacy.

However, as Denley revealed, this wasn’t all it was doing. The wallet’s extension secretly sends all the private keys to the wallets created on the platform to a third party website. With these private keys, the third party can access the crypto stored on the wallets freely and at will.

The wallet’s extension also injects malicious JavaScript code once its users visit five popular crypto platforms. These are MyEtherWallet, Binance, IDEX, Switcheo and NeoTracker.io. Once the code executes, it gives the malicious party the ability to access and steal login credentials to these sites. This data is also sent to the same website as the private keys.

The Chrome extension has since been taken down. However, it was already installed over 600 times. A few of the users had already noticed something was amiss, with poor reviews on Chrome and complaints on Shitcoin Wallet’s Telegram page.

“It steals your login data and your tokens do not download it is a scam,” says one disgruntled user. Another user on Telegram stated “It is a virus ransomware encrypting your files and ask for money.”

ETH Shitcoin Wallet steals data from Chrome users

Shitcoin Wallet has yet to come out and clarify its position on the accusations. While it’s possible that it was a scam all alongthe name itself is quite suspiciousit’s also possible that a third party compromised the Chrome extension.

Recommended for you

Who wants to be an entrepreneur?
Embodying the big five personality traits could be beneficial for aspiring entrepreneurs, but Block Dojo shows that there is more...
December 20, 2024
UNISOT, PSU China team up for supply chain business intelligence
UNISOT revealed a new partnership with business intelligence and research firm PSU China, which will combine its data with UNISOT's...
December 20, 2024
Advertisement
Advertisement
Advertisement