July 12, 2026

Malware discovered inside an Ethereum wallet — The Cryptonomist

Malware discovered inside an Ethereum wallet — The Cryptonomist

Even at the beginning of the year, criminals didn’t take time off and used the occasion to launch another attack against the crypto newbies by announcing a fake airdrop of just 0.05 ETH. In this case, the malware is hidden in an Ethereum wallet.

This is a scam designed by Shitcoin Wallet, launched just under a month ago with the fake goal of providing a web platform to receive and send tokens.

As if the name of the wallet wasn’t enough to arouse suspicion among the victims, by downloading the app the users were promised to receive 0.05 Ethereum, i.e. 6 dollars, a very low figure which, however, led many victims to fall into the trap of the hackers, roughly 2,000 according to what can be from the transaction data.

The hackers had published a post stating that the first 500 users to download the Shitcoin wallet would receive 0.05 Ethereum.

Fortunately, a was quickly published explaining that, after analysing the code of the wallet, they found a suspicious and fraudulent behaviour: after downloading the wallet, a malware would steal the information stored on platforms like Binance, MyEtherWallet or SwitcheoNetwork.

⚠️ A browser crypto wallet is injecting malicious JS to steal secrets from @myetherwallet @idexio @binance @neotrackerio @SwitcheoNetwork

Extension-native wallet create also sends secrets to their backend!

Bad guys: erc20wallet[.]tk
ExtensionID: ckkgmccefffnbbalkmbbgebbojjogffn
pic.twitter.com/TE2iw5d8Md

– harrydenley.eth ◊ (@sniko_) December 31, 2019

In addition to the web extension for Chrome, which is still active, Shitcoin wallet is also available as a desktop version and even this one has unfortunately been downloaded by many users who have reported problems with viruses blocking and encrypting files on their computers.

Before downloading a file or program it is a good idea to check the domain of the website, in the case of the Shitcoin wallet it is difficult to recover the origin or the creation of the website; moreover displays a message warning that the address of the page leads to malicious content.

The victims of this fraud have no solutions considering that they have lost both the funds and the credentials of the various services, along with all their private information, nevertheless it is certainly recommended to block the accounts involved and warn the platforms of the damage incurred.

During December alone, there have been many scams, such as the one that took advantage of Taylor Swift ‘s name or that of the activist Greta Thunberg .

Alfredo de Candia

Android developer for over 8 years with a dozen of developed apps, Alfredo at age 21 has climbed Mount Fuji following the saying: “He who climbs Mount Fuji once in his life is a wise man, who climbs him twice is a Crazy”. Among his app we find a Japanese database, a spam and virus database, the most complete database on Anime and Manga series birthdays and a shitcoin database. Sunday Miner, Alfredo has a passion for crypto and is a fan of EOS.

Published at Thu, 02 Jan 2020 09:15:15 +0000

{flickr|100|campaign}

Previous Article

Bitcoin Kicks Off 2020 More Secure Than Ever as Hash Rate Hits Record

Next Article

Bitcoin Kicks Off 2020 More Secure Than Ever as Hash Rate Hits Record

You might be interested in …

Crypto Industry News Digest – Age of Phoenix

Crypto Industry News Digest – Age of Phoenix

Crypto Industry News Digest – Age of Phoenix 🔥 Major cryptocurrency exchange Binance announced that it will open registration and deposits on its platform for United States-based clients next week. Wednesday Sept. 18 Binance.US will […]