An Ethereum wallet available as a Chrome browser extension has been found to be injecting malicious javascript code. ‘Shitcoin Wallet’ tries to scrape data from other open windows and send it to a remote server.

MyEtherWallet And Binance Among Those Targeted
The code was identified by security and anti-phishing expert, Harry Denley, who warned about the potential breach in a tweet.

⚠ A browser crypto wallet is injecting malicious JS to steal secrets from @myetherwallet @idexio @binance @neotrackerio @SwitcheoNetwork
Extension-native wallet create also sends secrets to their backend!
Bad guys: erc20wallet[.]tkExtensionID: ckkgmccefffnbbalkmbbgebbojjogffn
— harrydenley.eth ◊ (@sniko_) December 31, 2019

The ‘Shitcoin Wallet’ Chrome extension (ExtensionID: ckkgmccefffnbbalkmbbgebbojjogffn) downloads a number of javascript files from a remote server.
This code looks for other browser windows, open on the webpages of a number of exchanges and Ethereum network tools. It then attempts to scrape data input into…

Click to continue reading on its source location…