Explorer malware Lucas Stefan (Lukáš Štefanko) found in Google Play four more fake cryptocurrency “wallet”. The application was advertised in the store for Android devices as wallets for NEO and Tether, as well as a browser extension MetaMask. According to him, the programme was designed to gain access to accounts, applications for mobile banking and payment card data.
Shtefanenko distributed malware in two groups: phishing purses (MetaMask) and fake purses (the rest). In the video attached to the publication on the website of the researcher, he also delved into the difference between the groups. Phishing purses when you start requesting the private key and password from the wallet. Fake purses, in turn, reflected the public key from wallet hacker; thus, users, having a line for generating a private key, transfer funds to the wallet address of the attacker without the possibility to return them.
Shtefanenko stressed that only one of fake “Neo Wallet” has been downloaded over 1,000 times in the month after release. He added that all applications were created using the platform’s Drag-n-Drop, which does not require special skills of programming, that is, these harmful can create any “as soon as will rise the exchange rate for bitcoin,” writes Shtefanenko.
The specialist said that “wallets” have been removed from Google Play after reviewing his complaint of cyber security Google.
This is the third time in a month detect fake wallets on the app markets for smartphones. In October, the owners of the TV channel “CRYPTOTWINS” complained of theft of their cryptocurrency assets in the amount of $8000: hackers were able to withdraw funds using a third-party fake EOS-wallet uploaded in App Store. Last Sunday, November 11, another similar application was already detected in Google Play.