The antivirus company ESET reported that its specialists on Google Play found several applications to steal cryptocurrencies from users. The activity of cybercriminals is associated with the positive dynamics of the cryptocurrency rate.
One of the programs was disguised as the Trezor wallet mobile app. The description is not suspicious – the program looks like a legitimate service, Trezor Inc. appears as the developer. In addition, the search results showed this app on the second line, right below the official app.
ESET's research concluded that Trezor's user savings are not at risk due to the multi-factor protection system. However, the fake app is linked to another fake program that aims to steal cryptocurrency.
After installing and launching the fake Trezor program, a window pops up to enter your account information. Then they are sent to the cybercriminals' server located at coinwalletinc.com. This site contains a link to download the Coin Wallet app for creating multiple crypto wallets.
The creators assure that the program generates addresses to which savings can be transferred. In reality, users transfer cryptocurrency to the addresses of the attackers.
The Coin Wallet application was uploaded to Google Play in February of this year. During this time, it has been downloaded 1,000 times.
ESET contacted Trezor representatives and reported the threat. The developer confirmed the absence of danger for users, but expressed concern – a fake application collects the email addresses of victims, which can be used for phishing attacks.
Trezor and Coin Wallet are currently not available on Google Play.