Watch Out: 4 Fake Crypto Wallets Discovered on Google Play Store

Thursday, 15/11/2018 | 09:51 GMT by Rachel McIntosh
  • Malware researcher Lukas Stefanko warns the malware could be much more prolific than we know.
Watch Out: 4 Fake Crypto Wallets Discovered on Google Play Store
FM

Lukas Stefanko, a renowned malware researcher, published a report earlier this week revealing that he had discovered not one, not two, not three, but four fake cryptocurrency wallets on the Google Play Store.

“These threats imitate legitimate services for NEO, Tether and MetaMask. I reported these apps to Google security team and they were promptly removed,” he wrote on his personal website, adding that they were promptly removed from the store.

Stefanko added that the thing that concerned him the most was that each one of these applications was created with a Drag-n-Drop app builder service. In other words, no coding skills were required to create the malware - practically anyone could create similar scams.

Fake Apps Attempted Phishing , Theft

Stefanko sorted the fake apps into two separate categories: phishing and fake wallets. The app imitating MetaMask was classified as a “phishing” app. After launching, the app “requests from the user his Private Key and wallet password.”

A screenshot of the fake wallets, as posted on Stefanko's personal website.

The fake wallet apps fool users by listing the attacker’s public address as the public address of their newly-generated wallet. Users are not given access to their private keys.

“If a user send [sic] his funds to this wallet, he is not able to withdraw them because, [sic] he doesn’t own private key,” Stefanko explained. He published screenshots of two separate accounts that he created on the app, both of which were assigned the same public address.

Distributing Malware Has Become Increasingly Easy

Stefanko’s comments about the ease with which these fake apps were created echoed the sentiments of Rick McElroy, strategist at cybersecurity firm Carbon Black.

McElroy commented to CNBC earlier this year that distributing malware was extremely easy--although the methods that he identified were a bit different. McElroy and his firm published a report showing the ease with which any person could purchase a piece of malware from the “deep web” and begin operating it, adding that some of the malware even comes with technical support.

Lukas Stefanko, a renowned malware researcher, published a report earlier this week revealing that he had discovered not one, not two, not three, but four fake cryptocurrency wallets on the Google Play Store.

“These threats imitate legitimate services for NEO, Tether and MetaMask. I reported these apps to Google security team and they were promptly removed,” he wrote on his personal website, adding that they were promptly removed from the store.

Stefanko added that the thing that concerned him the most was that each one of these applications was created with a Drag-n-Drop app builder service. In other words, no coding skills were required to create the malware - practically anyone could create similar scams.

Fake Apps Attempted Phishing , Theft

Stefanko sorted the fake apps into two separate categories: phishing and fake wallets. The app imitating MetaMask was classified as a “phishing” app. After launching, the app “requests from the user his Private Key and wallet password.”

A screenshot of the fake wallets, as posted on Stefanko's personal website.

The fake wallet apps fool users by listing the attacker’s public address as the public address of their newly-generated wallet. Users are not given access to their private keys.

“If a user send [sic] his funds to this wallet, he is not able to withdraw them because, [sic] he doesn’t own private key,” Stefanko explained. He published screenshots of two separate accounts that he created on the app, both of which were assigned the same public address.

Distributing Malware Has Become Increasingly Easy

Stefanko’s comments about the ease with which these fake apps were created echoed the sentiments of Rick McElroy, strategist at cybersecurity firm Carbon Black.

McElroy commented to CNBC earlier this year that distributing malware was extremely easy--although the methods that he identified were a bit different. McElroy and his firm published a report showing the ease with which any person could purchase a piece of malware from the “deep web” and begin operating it, adding that some of the malware even comes with technical support.

About the Author: Rachel McIntosh
Rachel McIntosh
  • 1509 Articles
  • 58 Followers
About the Author: Rachel McIntosh
Rachel is a self-taught crypto geek and a passionate writer. She believes in the power that the written word has to educate, connect and empower individuals to make positive and powerful financial choices. She is the Podcast Host and a Cryptocurrency Editor at Finance Magnates.
  • 1509 Articles
  • 58 Followers

More from the Author

CryptoCurrency

!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|} !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}