Apps to steal cryptocurrency found on Google Play

Antivirus company ESET announced the detection of new malicious applications by its specialists on Google Play. The programs were disguised as legitimate cryptocurrency services and were designed to steal user credentials. The counterfeits imitated the official services NEO, Tether and MetaMask for cryptocurrency users.

Apps to steal cryptocurrency found on Google Play

The MetaMask application (a wallet for the Ethereum cryptocurrency) operated according to the classic phishing scheme. After installation and launch, the user was prompted to enter a private key and password from his cryptocurrency wallet – these data were then at the disposal of the attackers.

The second scheme is fake wallets, this is how NEO and Tether applications, created by the same author (group of authors), operated. Real cryptocurrency wallets generate a private key and a public address for the user to transfer funds. The forgeries instead showed the user the attackers' public wallet address. Cryptocurrency transferred to such an address cannot be returned without a private key, which can only be accessed by cybercriminals.

Fake apps are created using a widely available mobile app builder that allows you to 'build' such apps without any special knowledge or skills.

After a request from ESET specialists, malicious applications were removed from Google Play.

Rate article
About smartphones.
Add a comment