In today’s world, we probably have lots of apps installed on our smartphones that somehow are supposed to make our lives easier. As technology advances, more apps are created to help us deal with everyday activity but those apps require some of our private information in order to function. Unfortunately, not all developers are concerned about the safety of our private information and at times, they even take advantage of users.
The cryptocurrency world is no stranger to this philosophy, with probably hundreds of apps created and with new ones constantly being developed. As it is expected, hackers tend to target markets of great liquidity and for better or for worse, the unanimity cryptocurrencies provide at some level tend to play out against us when we’re victims of a security breach or scam.
According to ESET, the Google Play Store recently had an app with a malware called “clipper”, stored within an app that was simulating to be of one of the biggest wallet extension apps for Chrome and other navigators, MetaMask.
The clipper we found lurking in the Google Play store, detected by ESET security solutions as Android/Clipper.C, impersonates a legitimate service called MetaMask. The malware’s primary purpose is to steal the victim’s credentials and private keys to gain control over the victim’s Ethereum funds. However, it can also replace a Bitcoin or Ethereum wallet address copied to the clipboard with one belonging to the attacker.
ESET Security Solutions
As explained by ESET, the Google Play Store was quick to notice the issue and quickly took off the app from the market, although it is unclear how many users were affected by this fake app. The purpose of the malware was to steal private information such as login info for MetaMask. ESET commented that this was the first time a “clipper” malware was detected in Google Play Store, and recommended Android users to improve their security levels on their phones to avoid being victims of a scam.