This Chrome Extension Was Caught Stealing Passwords and Keys
Shitcoin Wallet is an extension for Google Chrome that lets users create their own crypto wallet and manage it through their browser. There is also a Windows app if users want to manage their coins and wallet outside the browser’s environment.
The extension’s blog post reads:
Your wallet is 100% secure and you don’t need to worry about assets loss due to any hacker attack to ShitcoinWallet servers. Currently ShitcoinWallet is supported on Chrome.
However, cybersecurity expert Harry Denley has discovered that the extension contained malicious code and was stealing passwords and private keys for wallets.
The extension would inject a malicious JavaScript code once a user would navigate to a cryptocurrency management platform. This code would steal the user’s login credentials and private keys and send them to a third party website erc20wallet[.]tk
As of now, it is unclear whether the Shitcoin Wallet developer team created the extension to steal private keys or if it was compromised by a third party. The developer team has not responded to a request for comment.
The malicious extension has now been removed from the Chrome Web Store, but it has reportedly gained over 625 installs already.
Users are advised to remove the extension immediately until further notice.