Computer security threats can come through many different methods. However, the browser is one of the most important input sources. When we talk about extensions, we must bear in mind that they are very interesting complements, but they can also pose a significant security risk. Today we echo a new malicious extension that affects Google Chrome and steals passwords and private keys of cryptocurrency wallets.
Shitcoin Wallet, the latest malicious extension for Chrome
This is a recent extension, since it was launched less than a month ago. It is present in Google Chrome , which is today the most popular browser and used by users. This means that there may be many potential victims of this problem.
The goal of Shitcoin Wallet is to allow users to manage cryptocurrencies like Ethereum, as well as tokens based on this digital currency. It should be mentioned that it is available both as a browser extension and also as a desktop application for Windows.
The point is that this Shitcoin Wallet extension did n’t really offer what it promised. It contains malicious code that can steal and send all private keys of wallets created or managed through its interface.
But on top of that the extension also injects malicious JavaScript code when users browse certain popular cryptocurrency management platforms. The goal is none other than steal credentials and passwords to log in.
How this malicious extension works
According to computer security experts who have detected the threat, once the victim installs the extension in Google Chrome, they will request permissions to inject JavaScript into a list of 77 pages . Later, when users browse any of these 77 pages, the extension loads and injects a JavaScript file.
That file contains hidden code that is activated on certain pages and once activated it can steal passwords and data to log in. You can search for private keys to achieve your goal.
At the moment it is unknown if this extension is malicious by nature or has suffered an attack by third parties. Once again we are facing a case that demonstrates the danger of extensions for browsers. That is why we must take precautions when installing this type of software on our computers.
How to install extensions safely
The first and most important thing is to always do it from official sources . This way we make sure to install software that has not been modified maliciously. We also need to consult very well the information of this complement, as well as assessments and comments that may be negative.
Once we have the extension installed it is vital that we keep it updated . Sometimes vulnerabilities may arise that are corrected by updates and patches. We need to keep that in mind.
Finally, we must also check the permissions we give to that extension. This is essential to prevent data theft and see how our privacy is compromised.
