MyEtherWallet And Binance Among Those Targeted
The code was identified by security and anti-phishing expert, Harry Denley, who warned about the potential breach in a tweet.
A browser crypto wallet is injecting malicious JS to steal secrets from @myetherwallet @idexio @binance @neotrackerio @SwitcheoNetwork
Extension-native wallet create also sends secrets to their backend!
Bad guys: erc20wallet[.]tkExtensionID: ckkgmccefffnbbalkmbbgebbojjogffn pic.twitter.com/TE2iw5d8Md
— harrydenley.eth ◊ (@sniko_) December 31, 2019
The ‘Shitcoin Wallet’ Chrome extension (ExtensionID: ckkgmccefffnbbalkmbbgebbojjogffn) downloads a…
Click to continue reading on its source location…