MyEtherWallet And Binance Among Those Targeted
The code was identified by security and anti-phishing expert, Harry Denley, who warned about the potential breach in a tweet.
A browser crypto wallet is injecting malicious JS to steal secrets from @myetherwallet @idexio @binance @neotrackerio @SwitcheoNetwork
Extension-native wallet create also sends secrets to their backend!
Bad guys: erc20wallet[.]tkExtensionID: ckkgmccefffnbbalkmbbgebbojjogffn pic.twitter.com/TE2iw5d8Md
— harrydenley.eth ◊ (@sniko_) December 31, 2019
This code looks for other browser windows, open on the webpages of a number of exchanges and Ethereum network tools. It then attempts to scrape data input into…