Google Play was hosting app containing malware stealing crypto-currencies

ESET the cyber-security company is issuing an alert about one harmful application that had crept into Google's Play Store while grabbing crypto-currency from end-users' wallets. Security researchers from ESET report uncovering one fresh malware strain that steals crypto-currencies and is called "clipper" as it made its way into Play. The detection of the malware was the first instance known of it.

The attack employs an extraordinarily simple tactic for making end-users give away their digital money. The value of a digital coin is assigned to an overtly lengthy and distinct thread of characters called the wallet. While doing a transaction of crypto-currency, the sender requires keying in the wallet id of the recipient into their app.

Clipper captures end-users' private keys and credentials from the clipboard. On collecting these items from the end-users, the attacker then manages masquerading as the end-user so as for withdrawing funds directly as well as irreversibly. Because this kind of theft happens, crypto-currency specialists have always been advising people for storing their balance mainly inside offline cold-storage, while stock just minimally on online wallets that can be used for daily purposes.

Clipper reportedly hides its name so it got called MetaMask on the Play. It is crafted like a browser which enables Ethereum coins for performing their tasks on corresponding applications. This was purposed with snatching the end-user's credentials so the attacker would be able in getting hold over the end-user's Ethereum wallet. Indeed, the attacker would replace the end-user's wallet id with his own address. Bitcoinexchangeguide.com posted this, February 11, 2019.

Ever-since ESET researchers discovered the app on Play Store, they reported about it to Google which subsequently unloaded the app. Following a clarification that MetaMask's website currently has Chrome along with more browser add-ons for authorizing blockchain transactions, the researchers at ESET recommends end-users to carefully read the spelling along with name of the websites they access.

Within the current case, MetaMask's site doesn't talk about online apps while mentions solely desktop browser add-ons. End-users must exercise caution while entering credentials through clipboard since any running app has the ability to read the clipboard.

» SPAMfighter News - 2/13/2019