Watch Out: 4 Fake Crypto Wallets Discovered on Google Play Store
- Malware researcher Lukas Stefanko warns the malware could be much more prolific than we know.

Lukas Stefanko, a renowned malware researcher, published a report earlier this week revealing that he had discovered not one, not two, not three, but four fake cryptocurrency wallets on the Google Play Store.
Fake #cryptocurrency wallets found on Google Play Store.
These apps were created using Drag and Drop service - anyone can be malware "developer" and upload it to Play Store now. https://t.co/ELyHDt9DZw — Lukas Stefanko (@LukasStefanko) November 13, 2018
“These threats imitate legitimate services for NEO, Tether and MetaMask. I reported these apps to Google security team and they were promptly removed,” he wrote on his personal website.
Stefanko added that the thing that concerned him the most was that each one of these applications was created with a Drag-n-Drop app builder service. In other words, no coding skills were required to create the malware - practically anyone could create similar scams.
Fake Apps Attempted Phishing, Theft
Stefanko sorted the fake apps into two separate categories: phishing and fake wallets. The app imitating MetaMask was classified as a “phishing” app. After launching, the app “requests from the user his Private Key and wallet password.”

A screenshot of the fake wallets, as posted on Stefanko's personal website.
The fake wallet apps fool users by listing the attacker’s public address as the public address of their newly-generated wallet. Users are not given access to their private keys.
“If a user send [sic] his funds to this wallet, he is not able to withdraw them because, [sic] he doesn’t own private key,” Stefanko explained. He published screenshots of two separate accounts that he created on the app, both of which were assigned the same public address.
Distributing Malware Has Become Increasingly Easy
Stefanko’s comments about the ease with which these fake apps were created echoed the sentiments of Rick McElroy, strategist at cybersecurity firm Carbon Black.
McElroy commented to CNBC earlier this year that distributing malware was extremely easy, although the methods that he identified were a bit different. McElroy and his firm published a report showing the ease with which any person could purchase a piece of malware from the “deep web” and begin operating it, adding that some of the malware even comes with technical support.