Researchers have discovered two apps masquerading as cryptocurrency apps on Android’s app retailer, Google Play.
One of them was largely a dud. The second was designed to steal cryptocurrency, the researchers stated.
Security agency ESET stated one of many two faux Android apps impersonated Trezor, a cryptocurrency pockets. The excellent news is that app couldn’t be used to steal cryptocurrency saved by Trezor. But the researchers discovered the app was related to a second Android app which may have been used to rip-off funds out of unsuspecting victims.
Lukas Stefanko, a safety researcher at ESET — who has an extended historical past of discovering dodgy Android apps — stated the faux Trezor app “appeared trustworthy at first glance” however was utilizing a faux developer identify to impersonate the corporate.
The faux app was designed to trick customers into turning over a sufferer’s login credentials. Uploaded to Google Play on May 1, the app rapidly ranked because the second-most well-liked search consequence when looking for “Trezor” behind the official app, stated Stefanko. Users on Reddit additionally discovered the faux app and reported it as lately as two weeks in the past.
According to Stefanko, the server the place person credentials have been despatched was linked to an internet site linked to a different faux pockets, purportedly to retailer cryptocurrency, and likewise listed on Google Play since February 25.
“The app claims it lets its users create wallets for various cryptocurrencies,” stated Stefanko. “However, its actual purpose is to trick users into transferring cryptocurrency into the attackers’ wallets – a classic case of what we’ve named wallet address scams in our previous research into cryptocurrency-targeting malware.”
Both apps have been collectively downloaded greater than a thousand instances. After ESET contacted Google, the apps have been pulled offline the subsequent day.
- Half 1,000,000 Android customers tricked into downloading malware from Google Play
- Security researchers discover over a dozen iPhone apps linked to Golduck malware
- A robust spyware and adware app now targets iPhone house owners
- Google warns app builders of three malicious SDKs getting used for advert fraud
- Apple tells app builders to reveal or take away display recording code
- Apple restores Google’s inner iOS apps after certificates misuse punishment