据介绍，Shitcoin Wallet 允许用户管理以太（ETH）币，也可以管理基于以太坊 ERC20 的代币-通常为 ICO 发行的代币（初始代币发行）。用户可以从浏览器中安装 Chrome 扩展程序并管理 ETH coins 和 ERC20 tokens；同时，如果用户想从浏览器的高风险环境之外管理资金，则可以安装 Windows桌面应用。
However, Harry Denley, director of security for the MyCrypto platform, recently discovered that the extension contained malicious code.
According to Denley, there are two risks to the extension for users. First, any funds managed directly within the extension (ETH coins and ERC0-based tokens) are at risk. Denley says the extension sends the private keys of all wallets created or managed through its interface to erc20wallet. tk’s third-party website.
Based on the analysis of malicious code, the process is as follows:
Users install Chrome extensions
When the user navigates to any of these 77 sites, the extension loads and injects an additional JS file from the following locations: https://erc20wallet. tk/js/content_.js
This JS file contains confusing code . . . . . . . . . . . . . . . . . . . . . . . . .
The code is activated on five websites: MyEtherWallet.com, Idex.Market, Binance.org, NeoTracker.io, and Lio.exchange.
Once activated, the malicious JS code logs the user’s login credentials, searches the private key stored in the dashboards of the five services, and finally sends the data to erc20wallet. tk
It is not clear whether the Shitcoin Wallet team is responsible for malicious code, or whether the Chrome extension was corrupted by a third party.