Satoshi Nakamoto Blog

First crypto clipper malware found on Google Play – FinTech Futures


The crypto world is yet again beset by criminal activity as the first clipper malware has been found on Google Play.

Malware’s primary purpose is to gain control over victim’s Ethereum funds

According to research by WeLiveSecurity (part of security software firm ESET), cryptocurrency stealers of this kind replace a wallet address in the clipboard. Such malware was previously limited to Windows or “shady” Android app stores.

The clipper it found lurking in the Google Play store, detected as Android/Clipper.C, impersonates a legitimate service called MetaMask.

The malware’s primary purpose is to steal the victim’s credentials and private keys to gain control over the victim’s Ethereum funds. However, it can also replace a Bitcoin or Ethereum wallet address copied to the clipboard with one belonging to the attacker.

WeLiveSecurity says that, for security reasons, the addresses of online cryptocurrency wallets are composed of long strings of characters.

Instead of typing them, users tend to copy and paste the addresses using the clipboard. A type of malware, known as a “clipper”, takes advantage of this.

It intercepts the content of the clipboard and surreptitiously replaces it with content of the attacker’s choosing.

In the case of a cryptocurrency transaction, the affected user might end up with the copied wallet address quietly switched to one belonging to the attacker.
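A defensive check that follows from the behaviour described above, given here as an added example that is not part of the original article or of ESET's research: compare the address the user copied with the value about to be pasted, and flag the case where one wallet address has been replaced by another. The function names, regex patterns and sample addresses are assumptions constructed for illustration; the patterns test address shape only, not checksums.

```python
import re

# Shape-only patterns (assumption of this example; no checksum validation).
_PATTERNS = {
    "ethereum": re.compile(r"0x[0-9a-fA-F]{40}"),
    "bitcoin-base58": re.compile(r"[13][1-9A-HJ-NP-Za-km-z]{25,34}"),
    "bitcoin-bech32": re.compile(r"bc1[ac-hj-np-z02-9]{11,71}", re.IGNORECASE),
}

def address_kind(text):
    """Return the kind of wallet address `text` looks like, or None."""
    text = text.strip()
    for kind, pattern in _PATTERNS.items():
        if pattern.fullmatch(text):
            return kind
    return None

def _canonical(text, kind):
    # Hex and bech32 addresses are case-insensitive; Base58 is case-sensitive.
    text = text.strip()
    return text if kind == "bitcoin-base58" else text.lower()

def check_paste(copied, pasted):
    """Compare what the user copied with what is about to be pasted."""
    copied_kind = address_kind(copied)
    pasted_kind = address_kind(pasted)
    if copied_kind is None:
        return "not-an-address"      # nothing to protect
    if pasted_kind is None:
        return "clipboard-changed"   # address gone, but not swapped for another
    if copied_kind == pasted_kind and \
            _canonical(copied, copied_kind) == _canonical(pasted, pasted_kind):
        return "match"
    return "address-replaced"        # the clipper pattern: address in, different address out

# Constructed sample values (address-shaped strings, not real wallets).
ETH_COPIED = "0x" + "ab12" * 10
ETH_OTHER = "0x" + "cd34" * 10
BTC_COPIED = "1" + "A1z" * 10

if __name__ == "__main__":
    print(check_paste(ETH_COPIED, ETH_COPIED))   # same address
    print(check_paste(ETH_COPIED, ETH_OTHER))    # swapped Ethereum address
    print(check_paste(BTC_COPIED, ETH_OTHER))    # Bitcoin address swapped for Ethereum
```

The comparison covers the whole string; checking only the first or last few characters of a pasted address leaves the middle unverified.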

This dangerous form of malware first made the rounds in 2017 on the Windows platform and was spotted in these “shady” Android app stores in the summer of 2018.

There is good news as the firm reported the discovery to the Google Play security team, who removed the app from the store.

Several malicious apps have been caught previously on Google Play impersonating MetaMask. However, they merely phished for sensitive information with the goal of accessing the victims’ cryptocurrency funds.

In terms of advice to stay safe from clippers and other Android malware, WeLiveSecurity recommends keeping Android devices updated and sticking to the official Google Play store when downloading apps.

In addition, always check the official website of the app developer or service provider for the link to the official app. If there is not one, “consider it a red flag and be extremely cautious to any result of your Google Play search”.




