HomeBlockchainSecurityMalware discovered inside an Ethereum wallet

Malware discovered inside an Ethereum wallet

Even at the beginning of the year, criminals didn’t take time off and used the occasion to launch another attack against the crypto newbies by announcing a fake airdrop of just 0.05 ETH. In this case, the malware is hidden in an Ethereum wallet.

This is a scam designed by Shitcoin Wallet, launched just under a month ago with the fake goal of providing a web platform to receive and send tokens.

As if the name of the wallet wasn’t enough to arouse suspicion among the victims, by downloading the app the users were promised to receive 0.05 Ethereum, i.e. 6 dollars, a very low figure which, however, led many victims to fall into the trap of the hackers, roughly 2,000 according to what can be seen from the transaction data.

The hackers had published a post stating that the first 500 users to download the Shitcoin wallet would receive 0.05 Ethereum

Fortunately, a tweet was quickly published explaining that, after analysing the code of the wallet, they found a suspicious and fraudulent behaviour: after downloading the wallet, a malware would steal the information stored on platforms like Binance, MyEtherWallet or SwitcheoNetwork.

In addition to the web extension for Chrome, which is still active, Shitcoin wallet is also available as a desktop version and even this one has unfortunately been downloaded by many users who have reported problems with viruses blocking and encrypting files on their computers.

How to be protected from these scams? 

Before downloading a file or program it is a good idea to check the domain of the website, in the case of the Shitcoin wallet it is difficult to recover the origin or the creation of the website; moreover MetaMask displays a message warning that the address of the page leads to malicious content.

The victims of this fraud have no solutions considering that they have lost both the funds and the credentials of the various services, along with all their private information, nevertheless it is certainly recommended to block the accounts involved and warn the platforms of the damage incurred.

During December alone, there have been many scams, such as the one that took advantage of Taylor Swift‘s name or that of the activist Greta Thunberg.


Alfredo de Candia
Alfredo de Candia
Android developer for over 8 years with a dozen of developed apps, Alfredo at age 21 has climbed Mount Fuji following the saying: "He who climbs Mount Fuji once in his life is a wise man, who climbs him twice is a Crazy". Among his app we find a Japanese database, a spam and virus database, the most complete database on Anime and Manga series birthdays and a shitcoin database. Sunday Miner, Alfredo has a passion for crypto and is a fan of EOS.