Watch Out: 4 Fake Crypto Wallets Discovered on Google Play Store

Malware researcher Lukas Stefanko warns the malware could be much more prolific than we know.

Lukas Stefanko, a renowned malware researcher, published a report earlier this week revealing that he had discovered not one, not two, not three, but four fake cryptocurrency wallets on the Google Play Store.

“These threats imitate legitimate services for NEO, Tether and MetaMask. I reported these apps to Google security team and they were promptly removed,” he wrote on his personal website.

Stefanko added that the thing that concerned him the most was that each one of these applications was created with a Drag-n-Drop app builder service. In other words, no coding skills were required to create the malware – practically anyone could create similar scams.

Fake Apps Attempted Phishing, Theft

Stefanko sorted the fake apps into two separate categories: phishing and fake wallets. The app imitating MetaMask was classified as a “phishing” app. After launching, the app “requests from the user his private key and wallet password.”

A screenshot of the fake wallets, as posted on Stefanko’s personal website.

The fake wallet apps fool users by listing the attacker’s public address as the public address of their newly-generated wallet. Users are not given access to their private keys.

“If a user send [sic] his funds to this wallet, he is not able to withdraw them because, [sic] he doesn’t own private key,” Stefanko explained. He published screenshots of two separate accounts that he created on the app, both of which were assigned the same public address.

Distributing Malware Has Become Increasingly Easy

Stefanko’s comments about the ease with which these fake apps were created echoed the sentiments of Rick McElroy, strategist at cybersecurity firm Carbon Black.

McElroy commented to CNBC earlier this year that distributing malware was extremely easy, although the methods that he identified were a bit different. McElroy and his firm published a report showing the ease with which any person could purchase a piece of malware from the “deep web” and begin operating it, adding that some of the malware even comes with technical support.