Four fake cryptocurrency wallet apps were recently found on the Google Play Store, and subsequently taken down.
Malware researcher Lukas Stefanko said in a blog post that he found that the apps “tried to trick users either into luring their credentials or impersonating cryptocurrency wallets.” These apps gave the impression of legitimacy by the use of known names, such as Neo, Tether, and Meta Mask.
The fake Meta Mask app, according to Stefanko, is classified in the phishing category, as it sought to obtain the private keys and wallet passwords of users. The three other wallets, of which there were two Neo wallets, and one Tether, were created by the same person, whose public address was given for users to transfer their money into, while the private key remained with the creator of the app. Stefanko showed how he had created two different accounts, where the same public address was displayed for receiving funds.
He noted that the apps had been created with a drag-and-drop app builder, where no coding knowledge was needed. “That means that —once Bitcoin price rises and starts to make it into front pages— [then] literally anyone can ‘develop’ simple but effective malicious app either to steal credentials or impersonate cryptocurrency wallet,” he said.
Stefanko himself reported the apps to Play Store, which soon after removed them.
In a tweet, he warned those looking for wallet apps to “always go through comments” among reviews of an app “before installing apps— it can save you some trouble.”
David got scammed because, he didn't read app comments.
Always go through comments before installing apps - it can save you some trouble.
David downloaded fake app and entered login credentials in, even though there were comments indicating it is a scam already. pic.twitter.com/FoosGpgYef
— Lukas Stefanko (@LukasStefanko) November 2, 2018
Last August, it was reported that one app in Play Store, listing ‘Google Commerce Ltd’ as developer, was asking $388 for one ETH, for which those who payed received a mere image of an ETH token.
ETH has been identified by cybersecurity company Kaspersky as a favorite target of phishing scammers, where users are lured to websites that are made to look like actual sites for wallets or trading. Aside from this, the scammers have also used social media to get users to put their funds in the scammers’ accounts.