Extension for management of crypto-keys steals data

Get a free Techzine subscription!

According to researchers, an extension for Google Chrome that should make it easier for owners of multiple crypto-wallets to manage them, turns out to run off with those keys.

In a twitter post, Harry Denley, security director at MyCrypto, states that an app called Shitcoin Wallet can be dangerous for users in two ways. First of all, it can be dangerous when users actually put crypto in the wallet (Ether), as the extension forwards the keys of each created wallet to an external web page.

In addition, a JavaScript is also activated when Shitcoin users access certain web pages. The five sites in question are well-known platforms for the management of crypto. The login details of these platforms are then also sent to the external domain.

External client not much more secure

Where the extension is no longer in the Chrome store, the external client (32- and 64-bit) can still be downloaded. At the end of last year, the number of users of the extension was still over six hundred in the Chrome store. Whereas that extension only used the login details of crypto-wallets, the app seems to be even worse. Users stated on the Telegram channel that the app contains ransomware and locks data until payment is made.

MyCrypto warns against using browser extensions to manage Crypto, but also believes that it can, in some cases, be useful to manage wallets via such methods. Checking which functions the extension can access and taking a critical look at them is already a good start, according to Denley.