Chrome extension caught stealing crypto-wallet private keys

    Date01 Jan 2020
    CategoryCryptography
    425
    Posted ByBrittany Day
    LS Hmepg 337x500 34

    A Google Chrome extension named Shitcoin Wallet is stealing passwords and wallet private keys, security researcher says. Learn more about this malicious extension: 

    A Google Chrome extension was caught injecting JavaScript code on web pages to steal passwords and private keys from cryptocurrency wallets and cryptocurrency portals.

    The extension is named Shitcoin Wallet (Chrome extension ID: ckkgmccefffnbbalkmbbgebbojjogffn), and was launched last month, on December 9.

    According to an introductory blog post, Shitcoin Wallet lets users manage Ether (ETH) coins, but also Ethereum ERC20-based tokens -- tokens usually issued for ICOs (initial coin offerings).

    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"81","type":"x","order":"1","pct":56.25,"resources":[]},{"id":"88","title":"Should be more technical","votes":"21","type":"x","order":"2","pct":14.58,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"42","type":"x","order":"3","pct":29.17,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.