EtherscamDB project manager Harry Denley announced the NoCoin extension, which stole users' private keys. The malware has already been removed from the Google Chrome online store, but it has been downloaded over 200 times.
It is noteworthy that NoCoin was disguised as an extension to protect against hidden mining (cryptodikeking). However, after installation, the program stole private keys from the popular MyEtherWallet and Blockchain.com wallets.
“From the very beginning, it looked as if it [the extension] did what it was supposed to – it discovered various scripts for cryptodikeking. He had a nice interface that showed me that the program was doing its job, ”said Denley.
Previously, Kaspersky Lab reported a Razy trojan that steals cryptocurrency wallets.