Google Removes Blockchain App, Fraudulent Version Takes its Place

Google removed MetaMask with no explanation and an impersonator was left up for five hours.

MetaMask, an application that links regular internet browsers to the Ethereum blockchain, was removed from Google download sites and replaced by a fraudulent version for a few hours.

What is MetaMask?

MetaMask, according to its website, is “a bridge that allows you to visit the distributed web of tomorrow in your browser today.”

It provides an interface that allows users of internet browsers Chrome, Firefox, Opera, and Brave to use decentralised networks. Users open an encrypted account which lets them send Ethereum and access Ethereum-enable websites.

It was delisted from the Android and Chrome application stores earlier today and returned five hours later.


Google has offered no explanation as to why this happened, but it has been theorised that it got caught up in a sweep of cryptocurrency mining applications (MetaMask is not a mining application).

Fake version

Users soon noticed that in the absence of the genuine application, a version using a known phishing address was available instead.


Phishing is when a thief gets people to send money to their wallet under false pretences. It is not yet known how many people fell for this scam.

Shortly afterwards, MetaMask published a retrospective analysis in Medium. It revealed that the removal was discovered when a staff member happened to notice it – Google did not send a notification, although it claims that it did and the email bounced.

The text identifies three problems that were highlighted by this occurrence. First, how can a product defend itself against such arbitrary decisions? Second, how can phishing be avoided? That is to say, how can an application warn everyone of a fraudulent download if it doesn’t have a formal presence on the platform? And finally, decentralised applications need to find a way to overcome these central points of failure.

Fake applications and Google security

In January 2018, a security firm called Risk IQ discovered that hundreds of fraudulent cryptocurrency applications were available for download at the Apple of Google application stores – specifically, 661 blacklisted programmes were discovered, of which 272 were on Google.

Such was the scale of the problem, a fraudulent version of MyEtherWallet was at one point the third most-downloaded application from the Apple Store in December 2017, despite charging people $4.99 when the genuine version was free.

Google banned all cryptocurrency advertising in March 2018 as a response to the infestation of scams. Earlier this week it began displaying Coinbase adverts again, which was seen as a positive development for the cryptocurrency industry. However, today’s events have shown that it still has some work to do in terms of security procedures.

Got a news tip? Let Us Know