Cryptocurrencies

Google Play caught hosting app designed to steal cryptocurrency

Google Play has been hosting an app that uses malware to steal cryptocurrency from users, security experts claim.

The app, which impersonated a legitimate crypto service called MetaMask, copies wallet addresses using ‘clipper’ malware, according to a blog post from Eset.

Lukas Stefanko, the blog post’s author, explains: “For security reasons, addresses of online cryptocurrency wallets are composed of long strings of characters. Instead of typing them, users tend to copy and paste the addresses using the clipboard.

“A type of malware, known as a ‘clipper’, takes advantage of this. It intercepts the content of the clipboard and replaces it surreptitiously with what the attacker wants to subvert.

“In the case of a cryptocurrency transaction, the affected user might end up with the copied wallet address quietly switched to one belonging to the attacker.”

The malware’s purpose is to steal the victim’s credentials and private keys to gain control over the victim’s funds. It can replace both Bitcoin and Ethereum wallet addresses copied to the clipboard with one belonging to the attacker.

The app was removed by Google after a tip-off from Eset.

‘Dangerous malware’

Stefanko added: “This dangerous form of malware first made its rounds in 2017 on the Windows platform and was spotted in shady Android app stores in the summer of 2018.

“In February 2019, we discovered a malicious clipper on Google Play, the official Android app store.”

He advises users to keep their Android devices updated and use a reliable mobile security solution.

Users should also stick to the official Google Play store when downloading apps – but always check the official website of the app developer or service provider for the link to the official app.

“If there is not one, consider it a red flag and be extremely cautious to any result of your Google Play search,” he added.

 

Sam Webb

Sam has nearly two decades of reporting experience and has previously worked for The Mail, The Sun, The Mirror, The Daily Star and numerous trade publications. As a freelancer, he has had stories picked up by media outlets throughout the world including Fox News, The Times and News.com.au. He focuses on foreign news and is keenly interested in how crypto is used by criminals and terrorists.

Disqus Comments Loading...

Recent Posts

Here is why Bitcoin is still a lucrative investment in 2024

Those who enter the market at this time may be surprised to hear that Bitcoin…

4 weeks ago

Zircuit Launches ZRC Token: Pioneering the Next Era of Decentralized Finance

George Town, Grand Cayman, 22nd November 2024, Chainwire

4 weeks ago

The surge of Bitcoin NFTs: Everything you should know about Bitcoin ordinals

From digital art to real-estate assets, NFTs have become a significant attraction for investors who…

2 months ago

MEXC Partners with Aptos to Launch Events Featuring a 1.5 Million USDT Prize Pool

Singapore, Singapore, 21st October 2024, Chainwire

2 months ago