A Google Chrome wallet extension, called the Shitcoin Wallet, could be stealing information and even cryptocurrencies from its users.
It was reported that a Google Chrome extension could be stealing cryptocurrencies from those who decide to install it. Users must be warned about a possible danger that can be downloaded with the biggest browser of all.
This is a good opportunity to discuss Shitcoin Wallet, an ETH wallet and Google Chrome extension that has been giving much to talk about in the last weeks.
One of the latest scandals related to this wallet occurred late in 2019 when a Twitter user reported certain problems that he had with the wallet/extension.
It is worth mentioning that this user was Harry Denley, a security and anti-phishing expert. On December 30th, he claimed that Shitcoin Wallet was injecting malicious JavaScript code from the open windows of the browser to steal data from its users.
An additional alarming element in Denley’s publication is that the malicious software targets platforms such as Binance or MyEtherWallet. It does all this to obtain cryptocurrency passwords and private keys.
More Complaints against Shitcoin Wallet
It should be noted that Denley is not the only one that has complained against the Google Chrome extension. The cryptographic platform MyCrypto has also taken a stand against Shitcoin Wallet.
According to MyCrypto, the Google extension should be considered dangerous for all users for two reasons. First, all the funds controlled from the application are at risk when sending private keys through a third party. This is contrary to several user security policies that other wallets have implemented.
The second reason is that the extension injects malicious code into the browser. Therefore, if the user installs Shitcoin Wallet and then browses one of the best known cryptographic portals, the malicious software will steal the information.
According to the information provided, the code tries to copy the data input into those windows. After that, the information is sent to a remote server identified as “erc20wallet.tk,” which is the domain address of a group of islands that comprise New Zealand.
Criteria of Google
After the scandal over the Shitcoin Wallet, which broke at the same time as there was a controversy about the banning of MetaMask, many people have begun to wonder about Google’s criteria.
It is important to remember that Google banned MetaMask and removed it from Google Play for violating alleged clauses against cryptocurrency mining applications. This case was already solved and the ban on MetaMask had its ban lifted on January 1st, 2020. However, Shitcoin Wallet, which has already received several complaints about stealing information, has not yet received a warning, at least publicly, from Google.
Large companies are still trying to adapt to cryptocurrencies, so some security policies may be somewhat severe in some cases but lax in others. Just as Google reconsidered the case of MetaMask, it is expected that this year there will be some modifications in its cryptocurrency policies.
In this way, developers can be given more freedom to conduct useful projects whilst those that represent a danger to the community are banned.
By Alexander Salazar
