Badly Named with Bad Intents
The extension is rather tastelessly named, holding an extension ID of . The extension launched last month, or rather last year, on the 9th of December, 2019.
The introductoryto this extension, the group behind it describes Shitcoin Wallet as a wallet that allows users to manage Ether (ETH) coins properly. Coupled with this, Shitcoin Wallet allows for ERC20-based tokens as well, the kind of tokens usually doled out by way of Initial Coin Offerings or ICOs.
Very Convenient, But Tarnished
This Chrome extension, if it were only benign, served an instrumental purpose. Users could install the extension and manage both ETH and itswithin their own web browser. Furthermore, users are capable of installing a desktop app for Windows should they wish to manage their funds outside the bounds of a browser’s higher-risk environment.
Things started to fall apart afterward, with Harry Denley being the instigator of the collapse. Denley is the Director of Security at the MyCrypto platform and discovered that the extension held malicious code inside it. It seems nothing can just be for the good of all humanity.
Denley explained that the extension was dangerous in two significant ways. The first was that any form of funds that were managed directly within the extension was at risk. This is due to the extension sending the private keys of any, and all wallets managed or created within its interface to a third party website, located at the address erc20wallet[.]tk.
Step By Step
Remember, all trading carries risk. Views expressed are those of the writers only. Past performance is no guarantee of future results. The opinions expressed in this Site do not constitute investment advice and independent financial advice should be sought where appropriate. This website is free for you to use but we may receive commission from the companies we feature on this site.
This story has been published from a wire agency feed without modifications to the text. Only the headline has been changed.