ESET, Cryptocurrency Security Firm Discovers Malicious Crypto Stealing Malware On Android App


Although blockchain, on its own, cannot be compromised, hackers have found vulnerabilities in cryptocurrency wallets and addresses that allow them to steal cryptocurrencies. Several exchanges have suffered security breaches that cost their users billions of dollars in cryptocurrencies because of these problems. Recently, ESET, a cybersecurity firm, found a malicious app on Google Play. This app allows hackers to steal cryptocurrencies from users.

ESET Finds a Malicious Cryptocurrency Stealing App On Google Play

After finding the malicious app, ESET issued a warning that was published on WeLiveSecurity. Cryptocurrency wallet addresses are made up of alphanumeric characters, and users often copy them when making transactions. The malware, which has been dubbed Clipper, can intercept a user’s clipboard and get the information required. It replaces the user's address with the attacker's address. So, if the user is supposed to receive funds from another cryptocurrency wallet, the hacker’s balance will be credited instead.

This isn’t the first time hackers have created this kind of malware. In 2017, another version of Clipper surfaced specifically to attack the Windows platform. According to the blog post, many other versions of the app were found on Google Play in mid-2018. Clipper is the most recent version, and it appears to be more advanced.

Apart from being available on Google Play, the app has also been hosted on some third-party platforms. It executes scripts on users' computers. The scripts were designed specifically to detect addresses on a user’s clipboard. The malware is able to trick the operating system because the first and last characters are often the same as the user’s address, but the entire address belongs to the hacker.
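The check below is an added example, not code from ESET or from the malware: it compares what was copied with what arrived at the paste target in full, and separately flags a replacement that keeps the same first and last characters. The address patterns are simplified assumptions, the function names are hypothetical, and the sample addresses are constructed.

```python
import re

# Simplified address shapes (an assumption of this example, not full validation).
# Each entry: (pattern, length of the fixed prefix every address of that kind shares).
ADDRESS_KINDS = {
    "ethereum": (re.compile(r"0x[0-9a-fA-F]{40}"), 2),
    "bitcoin-legacy": (re.compile(r"[13][1-9A-HJ-NP-Za-km-z]{25,34}"), 1),
    "bitcoin-bech32": (re.compile(r"bc1[02-9ac-hj-np-z]{11,71}"), 3),
}

# Constructed sample values, not real wallets.
COPIED = "0x" + "ab12" + "0" * 32 + "cd34"
LOOKALIKE = "0x" + "ab12" + "f" * 32 + "cd34"

def address_kind(text):
    """Return the address family the text looks like, or None."""
    for kind, (pattern, _) in ADDRESS_KINDS.items():
        if pattern.fullmatch(text.strip()):
            return kind
    return None

def shared_edges(a, b):
    """Count matching leading and trailing characters without double counting."""
    limit = min(len(a), len(b))
    prefix = 0
    while prefix < limit and a[prefix] == b[prefix]:
        prefix += 1
    suffix = 0
    while suffix < limit - prefix and a[-1 - suffix] == b[-1 - suffix]:
        suffix += 1
    return prefix, suffix

def check_paste(copied, pasted, edge=3):
    """Classify what arrived at the paste target relative to what was copied."""
    copied, pasted = copied.strip(), pasted.strip()
    kind = address_kind(copied)
    if kind is None:
        return "not-address"
    if copied == pasted:
        return "ok"
    if address_kind(pasted) != kind:
        return "changed"           # different content, not a same-family address
    skip = ADDRESS_KINDS[kind][1]  # ignore the prefix all such addresses share
    prefix, suffix = shared_edges(copied[skip:], pasted[skip:])
    if prefix >= edge and suffix >= edge:
        return "lookalike-swap"    # checking only first/last characters misses it
    return "swapped"
```

Only the `ok` result means the pasted value is the address that was copied; the comparison is exact, so a change in letter case is also reported as a mismatch.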

In August 2018, the first Android clipper was being sold secretly on online forums. WeLiveSecurity claims that versions of this malware were found on shady Android app stores. Even the Google Play Store isn’t as safe, as hackers have found a way to sneak their malicious apps into the app store without being detected. The software is called Android/Clipper.C. This one simply impersonates the MetaMask wallet.

As soon as a user who needs a wallet downloads the software and performs a cryptocurrency transaction, the program gets access to their private key information. This allows the hacker to have full access to the cryptocurrency wallet and steal cryptocurrency.

Stealing Cryptocurrencies With Basic Phishing Techniques

As soon as ESET discovered the app, they reported it to Google. Shortly after the report, Google took the app down. Google subsequently announced that there are verified add-ons on Google Chrome that can be added through the MetaMask website and used for blockchain transactions. ESET advised users to always pay close attention to subtle differences in spelling whenever they want to visit a site or download a mobile app.

Apart from malicious apps, hackers have invented many phishing techniques that they can use to steal credentials from a user. These credentials can be used to access the wallet address of the user and steal cryptocurrencies or perform other transactions without the user’s permission. However, the latest discovery was the first to specifically target the cryptocurrency content on the clipboard of users.

Do you think anyone is safe from hackers who keep finding new ways to rip people off? Will advancements in technology ever help protect users from cyber crimes? Share your thoughts in the comment section.
