Advertise
CoinTrust
BTC
ETH
BCH
SOL
DOGE
SHIB
  • News
  • Bitcoin
  • Ethereum
  • Altcoin
  • Market Cap
  • Learn
    • Buying Crypto
    • Crypto Mining
    • Crypto Exchanges
    • Knowledge
  • Crypto Casinos
    • Bitcoin Casinos
    • New Crypto Casinos
    • No KYC Crypto Casinos
    • Anonymous Crypto Casinos
    • VPN Friendly Crypto Casinos
    • Bitcoin Poker
    • Crypto Poker
    • Bitcoin Bingo
    • USDT Casinos
    • Offshore Online Casinos
    • Bitcoin Betting Sites
    • Crypto Sports Betting
    • Reddit’s Best Bitcoin and Crypto Casinos
No Result
View All Result
CoinTrust
  • News
  • Bitcoin
  • Ethereum
  • Altcoin
  • Market Cap
  • Learn
    • Buying Crypto
    • Crypto Mining
    • Crypto Exchanges
    • Knowledge
  • Crypto Casinos
    • Bitcoin Casinos
    • New Crypto Casinos
    • No KYC Crypto Casinos
    • Anonymous Crypto Casinos
    • VPN Friendly Crypto Casinos
    • Bitcoin Poker
    • Crypto Poker
    • Bitcoin Bingo
    • USDT Casinos
    • Offshore Online Casinos
    • Bitcoin Betting Sites
    • Crypto Sports Betting
    • Reddit’s Best Bitcoin and Crypto Casinos
No Result
View All Result
CoinTrust
No Result
View All Result

Home » Cybersecurity Expert Discovers Ethereum Wallet of Injecting Malicious Javascript to Steal Data

Cybersecurity Expert Discovers Ethereum Wallet of Injecting Malicious Javascript to Steal Data

Kelly Cromley by Kelly Cromley
Jan 1, 2020
in Ethereum News, Market News, News
Reading Time: 3 mins read
0

Harry Denley, cybersecurity and anti-phishing expert, has cautioned crypto enthusiasts and Ether (ETH) investors that an Ethereum (ETH) wallet, referred to as “Shitcoin Wallet” is infusing malicious javascript code from browser windows to embezzle confidential user data in the system. In this regard, Denley issued a tweet on December 30, cautioning about the breach.

As per Denley’s tweet, Chrome browser crypto wallet software Shitcoin Wallet is hitting MyEtherWallet, Binance and other popular platforms containing private keys and passwords for accessing cryptocurrency holdings.

⚠️ A browser crypto wallet is injecting malicious JS to steal secrets from @myetherwallet @idexio @binance @neotrackerio @SwitcheoNetwork

Extension-native wallet create also sends secrets to their backend!

Bad guys: erc20wallet[.]tk
ExtensionID: ckkgmccefffnbbalkmbbgebbojjogffn pic.twitter.com/TE2iw5d8Md

— harrydenley.eth ◊ (@sniko_) December 31, 2019


The Shitcoin Wallet Chrome extension-ExtensionID: ckkgmccefffnbbalkmbbgebbojjogffn – functions by downloading several javascript files from an isolated server. The code then scans for browser windows that are open and loaded with webpages of cryptocurrency exchanges and Ethereum network tools.

The code puts effort to transfer data to a remote server, identified as “erc20wallet.tk,” through the open windows. The high-level domain address of the server belongs to Tokelau, a chunk of South Pacific Islands under the administration of New Zealand.

The saga of Shitcoin Wallet thieving user info follows recent news of Apple threatening to delist the mobile DApp browser of Coinbase from app store and Google booting out Ethereum wallet app MetaMask from Play Store last week.

Both developments have been a subject of controversy due to non-availability of proof of malicious behavior by the apps. Several cryptojacking extensions were discovered on the Google Chrome web store in 2019.

As per the latest report from McAfee Labs, cryptojacking, which refers to a scenario where a user’s system is utilized to mine cryptocurrency without authorization, is on the rise, reflecting an increase of 29% in the first quarter of 2019.

While the name itself acts as a warning and would keep cautious investors away, Shitcoin Wallet also contains some dubious features. As per a company’s blog post, the Ethereum wallet was launched on December 9 and has roughly 2,000 users. It is a web based wallet having numerous extensions for various browsers. The blog post states:

“It is a web wallet which has several extensions for different browsers, which I will discuss further in the article.”

However, the statement does not match with the sentence at the end of the blog post, which points out that Shitcoin Wallet is offered only as a Chrome extension.

Just few days before the malicious javascript attack, Shitcoin Wallet launched its latest desktop app, rewarding 0.05 ETH to users who install the wallet’s desktop app. Even though they have received a miniscule amount as reward in the form of Ether, their system is now vulnerable for data theft.

Previous Post

Wells Fargo Analyst Forecasts Boom in Tech Savvy Banking Stocks

Next Post

Turkey Takasbank’s Blockchain Platform For Digital Gold Transfers Goes Online

Related Posts

Ripple and SEC Press Judge Torres to Approve Settlement Ending XRP Case

Ripple and SEC Press Judge Torres to Approve Settlement Ending XRP Case

by Mostafijur Rahman
Jun 19, 2025
0

After nearly four years of legal battles, Ripple Labs and the U.S. Securities and Exchange Commission (SEC) have jointly submitted...

hedera-partners-with-binary-holdings

Hedera Teams Up with The Binary Holdings for Southeast Asia Push

by Kelly Cromley
Jun 19, 2025
0

The Hedera Foundation has announced a significant partnership with The Binary Holdings, a leading Web3 distribution infrastructure firm, to bring...

zerohash-supports-polkadot-assets

Zerohash Expands Support for Polkadot-Based Assets

by Kelly Cromley
Jun 19, 2025
0

Zerohash, a prominent infrastructure provider in the digital asset space, has officially announced the extension of its platform capabilities to...

fc-barcelona-unveils-web3-wallet-barca-pass

FC Barcelona Unveils Web3 Wallet Barça Pass to Elevate Global Fan Engagement

by Kelly Cromley
Jun 19, 2025
0

FC Barcelona has launched its first official Web3 wallet, known as Barça Pass, marking a significant step in integrating blockchain...

antix-partners-with-gain-ventures-to-accelerate-web3-growth

Antix and Gain Ventures Join Forces to Accelerate Web3 Growth

by Kelly Cromley
Jun 19, 2025
0

Aiming to shape the next wave of innovation in decentralized technology, Antix has unveiled a new strategic partnership with Gain...

trusty-blockchain-platform-for-agri-food-supply-chain-tracking

Blockchain Boosts Cocoa Traceability Amid EU Sustainability Push

by Kelly Cromley
Jun 19, 2025
0

In response to the mounting regulatory pressures within the European Union, particularly around sustainability and deforestation, a Bologna-based startup named...

Next Post
Turkey Takasbank’s Blockchain Platform For Digital Gold Transfers Goes Online

Turkey Takasbank’s Blockchain Platform For Digital Gold Transfers Goes Online

  • Collé Ai

    Collé: Pioneering AI Web3 Platform Receives Investment Boost from BlackRock

    by Kelly Cromley
    May 13, 2024
  • Router Protocol and OpenWorldSwap Partnership to Revolutionize DEX Market

    by Kelly Cromley
    Aug 6, 2024
  • Central Bank of Saudi Arabia Teams Up with Ripple to Transform Cross-Border Settlements

    by Kelly Cromley
    Aug 17, 2023
  • GameStop’s Digital Transformation: Embracing Blockchain and NFTs

    by Kelly Cromley
    Feb 2, 2025
  • Blockchain Based Sports Platform SportsMint Unveiled

    by Kelly Cromley
    Apr 30, 2024

Recent News

Ripple and SEC Press Judge Torres to Approve Settlement Ending XRP Case
Market News

Ripple and SEC Press Judge Torres to Approve Settlement Ending XRP Case

by Mostafijur Rahman
Jun 19, 2025
hedera-partners-with-binary-holdings
Market News

Hedera Teams Up with The Binary Holdings for Southeast Asia Push

by Kelly Cromley
Jun 19, 2025
zerohash-supports-polkadot-assets
Market News

Zerohash Expands Support for Polkadot-Based Assets

by Kelly Cromley
Jun 19, 2025
fc-barcelona-unveils-web3-wallet-barca-pass
Market News

FC Barcelona Unveils Web3 Wallet Barça Pass to Elevate Global Fan Engagement

by Kelly Cromley
Jun 19, 2025
antix-partners-with-gain-ventures-to-accelerate-web3-growth
Market News

Antix and Gain Ventures Join Forces to Accelerate Web3 Growth

by Kelly Cromley
Jun 19, 2025

Categories

  • Altcoin News
  • Analysis News
  • Binance Coin News
  • Bitcoin News
  • Blog
  • Cardano News
  • Ethereum News
  • ICO News
  • Legislation News
  • Market Forecasts
  • Market News
  • News
  • Ripple News
  • Solana News
  • Tether News
  • XRP
Trustpilot

Cointrust

  • About Us
  • Contact Us
  • Correction Request
  • Our Team

Legal

  • Disclaimer
  • Terms & Conditions
  • Privacy Policy
  • Cookie Policy

Popular

  • ICO Listings
  • Knowledge Base
  • All about Mining
  • Cryptocurrency Exchanges
  • How and Where to buy Cryptocurrency

Sitemap

  • News section
  • Sitemap
  • XML Sitemap

© 2024 CoinTrust.com.

CoinTrustCoinTrust

* DISCLAIMER: All information provided in CoinTrust is merely for informational purposes, we are not an investment advisor and not affiliated with any companies or ICO/Cryptocurrency Projects. To use this website you must accept our cookie policy, Disclaimer and Privacy Policies.

No Result
View All Result
  • News
  • Bitcoin
  • Ethereum
  • Altcoin
  • Market Cap
  • Learn
    • Buying Crypto
    • Crypto Mining
    • Crypto Exchanges
    • Knowledge
  • Crypto Casinos
    • Bitcoin Casinos
    • New Crypto Casinos
    • No KYC Crypto Casinos
    • Anonymous Crypto Casinos
    • VPN Friendly Crypto Casinos
    • Bitcoin Poker
    • Crypto Poker
    • Bitcoin Bingo
    • USDT Casinos
    • Offshore Online Casinos
    • Bitcoin Betting Sites
    • Crypto Sports Betting
    • Reddit’s Best Bitcoin and Crypto Casinos

© 2024 CoinTrust.com.

We use cookies to ensure that we give you the best experience on our website.
If you continue to use this site you agree to allow us to use cookies, in accordance with our Cookie Policy.
I Agree