Chrome extension caught stealing crypto-wallet private keys

A Google Chrome extension named Shitcoin Wallet is stealing passwords and wallet private keys, security researcher says. Learn more about this malicious extension: 

A Google Chrome extension was caught injecting JavaScript code on web pages to steal passwords and private keys from cryptocurrency wallets and cryptocurrency portals.

The extension is named Shitcoin Wallet (Chrome extension ID: ckkgmccefffnbbalkmbbgebbojjogffn), and was launched last month, on December 9.

According to an introductory blog post, Shitcoin Wallet lets users manage Ether (ETH) coins, but also Ethereum ERC20-based tokens -- tokens usually issued for ICOs (initial coin offerings).

The link for this article located at ZDNet is no longer available.