Warning: Ethereum Wallet Injects Malicious Javascript To Steal Data

An Ethereum wallet available as a Chrome browser extension has been found to be injecting malicious javascript code. ‘Shitcoin Wallet’ tries to scrape data from other open windows and send it to a remote server.

MyEtherWallet And Binance Among Those Targeted
The code was identified by security and anti-phishing expert, Harry Denley, who warned about the potential breach in a tweet.

⚠ A browser crypto wallet is injecting malicious JS to steal secrets from @myetherwallet @idexio @binance @neotrackerio @SwitcheoNetwork
Extension-native wallet create also sends secrets to their backend!
Bad guys: erc20wallet[.]tkExtensionID: ckkgmccefffnbbalkmbbgebbojjogffn
— harrydenley.eth ◊ (@sniko_) December 31, 2019

The ‘Shitcoin Wallet’ Chrome extension (ExtensionID: ckkgmccefffnbbalkmbbgebbojjogffn) downloads a…

Click to continue reading on its source location…