News Another Malicious Crypto Wallet App Stealing Private Keys and...

Another Malicious Crypto Wallet App Stealing Private Keys and Data

-

- Advertisment -Another Malicious Crypto Wallet App Stealing Private Keys and Data

Another Malicious Crypto Wallet App Stealing Private Keys and DataHarry Denley, director of security at MyCrypto, “an open-source…tool for generating ether wallets,” has warned the public about a malicious crypto wallet app called “Shitcoin Wallet,” which, according to Zero Day, “was caught injecting JavaScript code on web pages to steal passwords and private keys from cryptocurrency wallets and cryptocurrency portals.”

Shitcoin Wallet reportedly became available for download at the Google Chrome web store on December 9th. At press time, the Shitcoin Wallet is no longer available at its Google Chrome address.

Denley says any funds run through the Shitcoin Wallet extension could be lost. The application also installs malicious JavaScript code designed to steal login details and private keys when people interface with 77 websites, including several popular cryptocurrency exchanges and storage applications.

Affected legitimate applications allegedly included:

  • MyEtherWallet.com, Idex.Market, Binance.org, NeoTracker.io, and Switcheo.exchange.

According to Zero Day, “Once activated, the malicious JS code records the user’s login credentials, searches for private keys stored inside the dashboards of the five services, and, finally, sends the data to erc20wallet[.]tk.”

As well, “It is unclear if the Shitcoin Wallet team is responsible for the malicious code, or if the Chrome extension was compromised by a third-party. A spokesperson for the Shitcoin Wallet team did not reply to a request for comment before this article’s publication.”

Shitcoin Wallet is one of many cryptocurrency-stealing “wallet apps” in circulation.

Several wallet scams are profiled in Harry Denley’s end-of-year crypto security blog post, including, “The CCB Cash extension…designed to steal your login credentials… (which) stole over 12 BTC.”

Denley also wrote about scams stemming from cryptocurrency airdrops, whereby exchanges or token projects give away free crypto tokens for promotion.”Unsolicited airdrops can be useful(?),” Denley writes, “but be vigilant to inform yourself as to what they are advertising. This story investigates a big airdrop campaign that ties into a fake MyEtherWallet UI to steal your wallet secrets!”

Denley also wrote about Android APK’s (Android Package Kits) impersonating the Trezor hardware wallet, MetaMask and My Crypto Android and, “designed to steal your wallet secrets (private keys, mnemonics, etc.)…”

Reactions to the news about Shitcoin Wallet have been varied, with Ted Ahern musing on Twitter: “If you can’t trust Shitcoin Wallet, who can you trust?”



Source

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest news

Why Bitcoin Will Succeed?

If Bitcoin will succeed or not is an interesting question. For the time being, Bitcoin holds a...

Elon Musk Tweets That “Bitcoin” Is Not His Safe Word

By now, you probably know that Elon Musk appears to have knocked up his girlfriend, Grimes. And just when you...

Bitcoin Can Gain 100% In 2020 – Halving Not Priced In, Says Fundstrat

Authored by William Suberg via CoinTelegraph.com, Bitcoin can deliver 100% returns to investors in 2020 and may rise significantly in...

South Korea’s Largest Digital Asset Exchange Bithumb Might Invest $8 Million in Country’s Regulatory Free Zone

Bithumb, South Korea’s largest digital asset exchange, might invest over $8 million into the nation’s regulatory sandbox program and...
- Advertisement -Another Malicious Crypto Wallet App Stealing Private Keys and DataAnother Malicious Crypto Wallet App Stealing Private Keys and Data

As EU Regulations Tighten, Crypto Options Exchange Deribit Moving from Netherlands to Panama

Deribit, a cryptocurrency options exchange that does not currently require customers to identify themselves, will relocate to Panama from...

As EU Regulations Tighten, Crypto Options Exchange Deribit Moving from Netherlands to Panama

Deribit, a cryptocurrency options exchange that does not currently require customers to identify themselves, will relocate to Panama from...

Must read

Why Bitcoin Will Succeed?

If Bitcoin will succeed or not is...

Elon Musk Tweets That “Bitcoin” Is Not His Safe Word

By now, you probably know that Elon Musk appears...
- Advertisement -Another Malicious Crypto Wallet App Stealing Private Keys and DataAnother Malicious Crypto Wallet App Stealing Private Keys and Data

You might also likeRELATED
Recommended to you