PSA: If you own crypto and use this Google Chrome extension, delete it immediately
Is anyone surprised that something called “Shitcoin” wasn’t legit?
If you’re one of the hundreds of users that installed the Shitcoin Wallet extension for Google Chrome, delete it immediately. That’s because it’s also stealing your private keys and login details, as discovered by Harry Denley, Director of Security at the MyCrypto platform, on the last day of 2019.
The wallet extension promised to let users manage their Ether (ETH), cryptocoins, and other ERC20-based coins, but really it was after your crypto cash.
This Chrome extension was found stealing crypto, delete it immediately
Now, before you get the pitchforks out, just know this extension had only been installed by 600 users or so before Google yanked it from the Chrome Store. If you did install it, hopefully, you didn’t go to any of the 77 sites that the malicious code uses as a trigger.
The crypto-jacking extension has a few parts to it, before whoever is responsible for it can steal your cash:
- The extension needs to be installed by the user
- Then once the user navigates to any of those sites, the extension loads an additional JS file from https://erc20wallet[.]tk/js/content_.js
- That JS file then activates on the following sites: MyEtherWallet.com, Idex.Market, Binance.org, NeoTracker.io, and Switcheo.exchange
- Once activated, the extension scans for login details, private keys inside your user area of those five sites, and then sends all the data to erc20wallet[.]tk
Yikes, that’s the digital version of someone copying your housekeys… We haven’t heard that anyone has lost their crypto coins yet, but be safe out there. Don’t install sketchy looking extensions, don’t hold your crypto assets on exchanges, and set up two-factor authentication on every single account you own that has the feature.
- Ring security cams lack one major feature: security
- Firefox now blocks third-party tracking cookies and cryptomining by default
- A recent Chrome update is misplacing data from your Android apps
- PSA: If you’re using these Chrome and Firefox extensions, delete them right now