Malicious Behavior with the extension
Harry Denley, Director of Security at the MyCrypto platform, discovered that the chrome extension isn't what it promises to be. He found malicious code within the extension. In a blog, zdnet reported that, "According to Denley, the extension is dangerous to users in two ways. First, any funds (ETH coins and ERC0-based tokens) managed directly inside the extension are at risk. Second, the extension also actively injects malicious JavaScript code when users navigate to five well-known and popular cryptocurrency management platforms. "
Danley, said that the extension traffics all the keys on its system to a third party website at erc20wallet[.]tk.
The malicious code works by the following process
1. The user install the chrome extension Shitcoin Wallet. 2. The extension request permission to inject the malicious JavaScript code to 77 websites. 3. If the user navigates to any of these 77 websites, it injects an additional code . 4.The code activates on five websites: MyEtherWallet.com, Idex.Market, Binance.org, NeoTracker.io, and Switcheo.exchange 5. After activation, the code saves the user's login credentials, keys and other data then siphon it to a third party.
It is not constructively clear yet if the Shitcoin ..
Support the originator by clicking the read the rest link below.
