🔰🔍👉 The Sentinels found something interesting!
We received an anonymous report by an Uppward user through the Sentinel Portal, and it has just been confirmed. This case is not covered by any other security solution until now.
The report concerns the following developer on the Chrome Web Store: https://chrome.google.com/webstore/search/Nencer%20JSC
That developer has released these three different Chrome extensions:
https://chrome.google.com/webstore/detail/binance-desktop-tool-pro/dfaniogeeonpncknhkpikmehcafkdbkp
https://chrome.google.com/webstore/detail/poloniex-trading-tools-pr/jihdlndgkjblcjalfdcbailgdnnihdbl
https://chrome.google.com/webstore/detail/bittrex-trading-tools-ver/dncbmnodhgmffdoacahekofcalnfbpgj
The aforementioned extensions have been tested in our Sandbox. The Sentinels found that these extensions act in a malicious way by changing the deposit address on exchanges such as Binance, Bitmex, Poloniex, Bittrex, Remitano, and Bitfinex. After reviewing the code, the Sentinels discovered 15 wallet addresses being used to replace deposit addresses whenever users attempt to deposit funds on the exchanges. All three of these extensions are now blacklisted in the Sentinel Protocol TRDB along with these 15 wallet addresses found in the code. The donation address published on the Chrome Web Store has also been blacklisted.
To date, these addresses have received the following amounts of cryptocurrencies with some transactions going as far back as Dec 21, 2017:
ETH - 25.307686624534
ETC - 5.43199613
BTC - 5.18527599 (including donation address)
DASH - 0.0763047
LTC - 8.63924826
BCH - 0.42500000
We would like to remind our community to stay vigilant and not use any software from untrusted sources. Do continue to report any suspicious activity on the Sentinel Portal. Through community effort, we can make the crypto world a safer place!
We received an anonymous report by an Uppward user through the Sentinel Portal, and it has just been confirmed. This case is not covered by any other security solution until now.
The report concerns the following developer on the Chrome Web Store: https://chrome.google.com/webstore/search/Nencer%20JSC
That developer has released these three different Chrome extensions:
https://chrome.google.com/webstore/detail/binance-desktop-tool-pro/dfaniogeeonpncknhkpikmehcafkdbkp
https://chrome.google.com/webstore/detail/poloniex-trading-tools-pr/jihdlndgkjblcjalfdcbailgdnnihdbl
https://chrome.google.com/webstore/detail/bittrex-trading-tools-ver/dncbmnodhgmffdoacahekofcalnfbpgj
The aforementioned extensions have been tested in our Sandbox. The Sentinels found that these extensions act in a malicious way by changing the deposit address on exchanges such as Binance, Bitmex, Poloniex, Bittrex, Remitano, and Bitfinex. After reviewing the code, the Sentinels discovered 15 wallet addresses being used to replace deposit addresses whenever users attempt to deposit funds on the exchanges. All three of these extensions are now blacklisted in the Sentinel Protocol TRDB along with these 15 wallet addresses found in the code. The donation address published on the Chrome Web Store has also been blacklisted.
To date, these addresses have received the following amounts of cryptocurrencies with some transactions going as far back as Dec 21, 2017:
ETH - 25.307686624534
ETC - 5.43199613
BTC - 5.18527599 (including donation address)
DASH - 0.0763047
LTC - 8.63924826
BCH - 0.42500000
We would like to remind our community to stay vigilant and not use any software from untrusted sources. Do continue to report any suspicious activity on the Sentinel Portal. Through community effort, we can make the crypto world a safer place!