By Leah Hutton (Luxembourg)
An Ethereum Browser wallet has tried to inject into the malicious Javascript code in order to steal secrets.
Shitcoin wallet that is working as a Chrome browser extension and a Desktop app for windows, has made an attempt to steal and scrape the data from other open windows.
Security expert warns about the breach
This breach has been noticed by a security expert Harry Denley. He identified the code and then warned about this potential breach in a tweet. He says that a crypto browser wallet has tried to inject into the JS in order to steal from some of the websites.
https://twitter.com/sniko_/status/1211841389299982336
He also posted the Extention ID on Twitter that is “ExtensionID: ckkgmccefffnbbalkmbbgebbojjogffn”. He said that the Shitcoin wallet extension chrome downloaded several JS files from a remote server.
Binance and IDEX were on the hit list
This crypto browser wallet has targeted several crypto websites. Binance and IDEX crypto exchanges were on the hit list of this code. The other websites that were on the target list of code are MyEtherWallet, NEO Tracker, and Switcheo. The code specifically looks for the password and private keys.
Also read:The code first finds out the browser windows that are opened on several websites and then attempts to scrape data and secrets from them. And after scraping the data it sends it to the remote server that is erc20wallet.tk.
Shitcoin wallet is covered by insurance as its website claims. And the website also stated that you do not need to worry about any hacking activity because your private keys are stored in your local PC.
At Tokenhell, we help over 5,000 crypto companies amplify their content reach—and you can join them! For inquiries, reach out to us at info@tokenhell.com. Please remember, cryptocurrencies are highly volatile assets. Always conduct thorough research before making any investment decisions. Some content on this website, including posts under Crypto Cable, Sponsored Articles, and Press Releases, is provided by guest contributors or paid sponsors. The views expressed in these posts do not necessarily represent the opinions of Tokenhell. We are not responsible for the accuracy, quality, or reliability of any third-party content, advertisements, products, or banners featured on this site. For more details, please review our full terms and conditions / disclaimer.