An application intended for stealing digital currency was available on Google Play and reportedly downloaded over a thousand times.
While it is not surprising, it is alarming to think that numerous individuals have or had access to a tool for stealing crypto. Malicious actors who want to take funds that don’t belong to them have been plaguing the crypto market.
A recent instance involves SIM-swapping. Hackers obtain access to someone’s cell phone upon determining their social security number. They call the cell phone company and, by giving that information, convince the staff that they are talking to the account holder. From there, sensitive information like login credentials and passwords is given to the hackers.
If that isn’t effective, some hackers try to bribe the staff for the details, and unfortunately, it can work, as in Michael Terpin’s case.
Here, the app under scrutiny was allegedly impersonating crypto hardware wallet Trezor. It could not be used to take Trezor-stored digital currencies, but it was linked to another app on Android devices which could have been utilized to take money from other crypto holders.
ESET security researcher Lukas Stefanko, who specializes in detecting phony or fake Android apps, said the item looked “trustworthy at first glance.” However, it used a “fake developer name” to impersonate Trezor.
“The app claims it lets its users create wallets for various cryptocurrencies. However, its actual purpose is to trick users into transferring cryptocurrency into the attackers’ wallets – a classic case of what we’ve named wallet address scams in our previous research into cryptocurrency-targeting malware,” he noted.
Individuals who bought the application are fooled into handing their login information over to the hackers. Uploaded on May 1 to Google Play, the app ranked as the “second-most popular search result” when users searched for or examined Trezor online. Users on Reddit have also commented about the app, having discovered it a couple of weeks ago.
In 2018, it was revealed that Google had been playing host to crypto-jacking applications and related software, which mined cryptocurrencies like Monero on users’ computers.