Cryptocurrency Stealing Application Caught on Google Play Store

A malicious application masquerading as MetaMask for Android phones has been caught on the Google Play Store. The malware switches the Bitcoin and Ethereum addresses of its victim found on the clipboard to that of an attacker. It also spies on credentials and private keys to steal Ethereum, according to We Live Security.

Malicious Application Claims to be Android Version of MetaMask

Reportedly, a malware called clipper was found on an application that claims to be the MetaMask version for Android smartphones. The app was launched on Google Play on February 1, 2019, and it is capable of stealing people’s cryptocurrencies. What it does, is to replace the Bitcoin or Ethereum address copied by a user, with that of the actor behind the crime.
Also, clipper begins its operation when the application is launched, and a person tries to send funds from the app. As a result, funds transferred without cross-checking the address will likely end up in the attacker’s wallet. Other than swapping addresses, clipper also can monitor the user’s credentials and private keys to steal Ethereum at a later time.

Android/Clipper.C’s Malware Operation Was First Noted in 2017

Android/Clipper.C, a name given to the supposed Metamask application is a malware whose operation was first discovered on Windows Operating System in 2017. In 2018, the first clipper was discovered on Android smartphones, and it began trading on forums where illegal products are exchanged.
MetaMask, on the other hand, allows users to launch decentralized apps directly from web browsers with the help of an extension. So far, there has been no version launched for Android smartphones. However, fake versions of the app have been released occasionally on Android markets. One of such was able to track private keys even though this is the first case of an Android/Clipper.C that switches addresses.

Protecting the Users Funds From Being Stolen

While We Live Security may have created an awareness about the false app which led to its removal from Google Play, they also outlined ways on how to protect funds from being stolen. This includes verifying from the official website itself if there is a version of that app for a particular operating system. Another is ensuring that the address that has been inserted before transactions coincides with what was copied.
The popularity of cryptocurrency and its massive adoption has also created a problem. There has been a rise in the number of criminal activities such as SIM swapping which are all geared at illegally obtaining digital currencies. BTCNN reported a similar event on January 22 of a malware which hijacks mining machines in China and replaces their Bitcoin address.

Related posts
BanksBitcoinBitcoin NewsbtcusdBTCUSDCBTCUSDTMarketsNewsUSAxbtusd

Bitcoin Retakes $57K As Hundreds Of US Banks Prepare To Offer Crypto Trading And Custody To Clients

Bitcoin has recouped the losses from recent sell-off after news that the world’s oldest cryptocurrency is soon coming to hundreds of United States banks. Data from CoinMarketCap shows that bitcoin is hovering at $57,091.36 at press time, with 5.47% daily…
BitcoinBitcoin NewsbtcusdBTCUSDCBTCUSDTJamie DimonjpmorganNewsxbtusd

My Clients Care About Bitcoin, I Don’t: JPMorgan CEO Jamie Dimon

The trajectory that bitcoin has seen over the last decade has been nothing if not interesting. There was a time where it was popular among top financial executives to denounce bitcoin and declare it is a scam or fraud at…
CoinbasecryptocurrencyCryptocurrency NewsFeaturedNews

How Coinbase is Driving the Crypto Market to the Richest Fintech Hands

Not every cryptocurrency proponent is a fan of the giant exchange platform Coinbase. But if sentiments are kept aside, it is crystal clear that the platform is leading the cryptocurrency market into some of the richest hands the industry will…