Watch Out: This Ethereum App On Google Chrome Is Malicious 14

Watch Out: This Ethereum App On Google Chrome Is Malicious

While blockchains themselves are hard to hack and penetrate due to their decentralized nature, applications interacting with, say, Bitcoin and Ethereum are susceptible to hacks and other technical mishaps.

According to a recent Twitter thread published by cybersecurity and anti-phishing expert Harry Denley, a browser crypto wallet by the name “Shitcoin Wallet” — yes, that’s literally the name — has been quietly injecting malicious Javascript code into browsers to “steal secrets” from crypto-related websites, allowing for hacking to take place.

Denley’s tweets suggested that the Javascript injected by the wallet allows operators to steal “secrets,” by that I presume he means passwords and other pertinent info that would allow bad actors to steal cryptocurrency, from services like Ethereum interface MyEtherWallet, decentralized exchange IDEX, crypto giant Binance, NEO site NEOTracker, and SwitcheoNetwork.

(Notably, there have been no reports of users of the wallet seeing their Ethereum or other crypto funds stolen so far. This may stem from the fact that Shitcoin Wallet seemingly has few users compared to, say, MetaMask or MyCrypto.)

More information can be found about the technical details of the hack via Harry Denley’s tweet thread and the related links.

Ethereum Applications Under Attack

This news comes shortly after other Ethereum wallets have run into a number of issues.

It began last week when MetaMask, the leading Ethereum wallet and decentralized app browser, claimed that its Android iteration was blocked from being downloaded on the Google Play Store. The massive tech giant cited MetaMask’s purported violation of Google financial services policies, which includes a clause blocking applications from enabling cryptocurrency mining on mobile devices.

This seeming act of censorship came literal days after Youtube was found to have taken action against Bitcoin and cryptocurrency channels for publishing content promoting “regulated goods.” This debacle has since been reversed, though the MetaMask ban remains an open case.

Following this news regarding MetaMask, long-time Bitcoin and crypto entrepreneur Brian Armstrong, currently the chief executive of Coinbase, took to Reddit saying that not only Google, but “Apple [also] seems to be eliminating the usage of Dapps from the App Store.” He thus concluded that Coinbase Wallet, the firm’s Ethereum interface, may soon remove decentralized application functionality.

Photo by sebastiaan stam on Unsplash