The 3rd party wallet SAFU Wallet is apparently stealing users’ data. According to a recent report released by a Binance Angel on the official Binance community forum, it has been found that this extension is malicious and it is stealing users’ data.

Is SAFUWallet a Scam?

Ouriel Ohayon, the co-founder of ZenGo, reported on Twitter that the wallet extension SAFU Wallet is apparently stealing lots of funds by injecting malicious code to users.

Wallet hack alert: DO NOT use and report that Wallet extension. It has stolen already lots of funds by injecting malicious code ⁦⁦@cz_binance⁩ you may want to look at this because it specifically called after your fund. cc ⁦@rambo1stbld⁩ https://t.co/JSgZQ0ieGA — Ouriel Ohayon (@OurielOhayon) October 11, 2019

One of the users said about this situation:

“My Memonic phrase has been hacked, when I insert into SAFU wallet, all my funds have been stolen. I have contacted Binance support team, hoping to get my funds back.”

As per the Binance angel, a whitehat hacker said that by inspecting the SAFU code, he found that they are injecting dynamically this script https://safuwallet.tk/inside.js in every page that is being loaded.

At the same time, they use an obfuscation tool in order to make it hard to see it. Nevertheless, the whitehat hacker explained that they are targetting MEW, Index & Binance to send information using background script to 4 different endpoints of the same domain. Thus, wallets created are automatically shared to them.

The Binance community recommends users that have installed this wallet to uninstall it as soon as possible. In addition to it, they are also asking the community to contact one of the admins of the @BinanceDEXchange group on Telegram to share any information with them.

Individuals that have experienced loses are recommended to share their feedback about the whole situation with transaction data, the place from where individuals downloaded the app or any other type of useful information.

Several users on the Binance blog have already shared their experiences explaining how SAFU Wallet stole their funds. Many of them lost hundreds of dollars in crypto tokens.

At the moment, the SAFU Wallet Google Chrome site is not available after requests from the community to delete the extension.

The wallet was used by individuals that wanted to have access to the Binance Chain platform. The name of the wallet is related to a meme that the crypto community created related to the user “Bizonacci” that uploaded a video titled “Funds Are Safu.”

This came after unscheduled maintenance in which Changpeng Zhao, the CEO of Binance, tweeted the phrase: “Funds are safe.”