Google has a serious problem with cryptocurrency malware infecting many of the apps on its marketplace, according to security researcher Lukas Stefanko.
Stefanko posted a screenshot of one such app that tries to lure victim’s private keys on Twitter, the app was a MyEtherWallet copycat.
Fake version of @myetherwallet app has been available on Google Play for last 4 days.
App tries to lure your PK. pic.twitter.com/5gdE8i3POQ— Lukas Stefanko (@LukasStefanko) April 18, 2018
MyEtherWallet, a popular Ethereum wallet interface, has been suffering from multiple imitation apps on the Google marketplace. Stefanko breaks down for his follower’s, what counterfeit apps are, some examples that are active on the store, and what danger they pose.
The copycat app was designed to get users to submit their existing wallet information. Allowing it to phish for user credentials. The hackers would steal the private keys and essential information and steal the user’s assets. Phishing refers to attempts to obtain sensitive information from a user by impersonating a trusted application or website. This ranges from usernames, passwords, financial information and in this case, private keys.
Over the last few days, an imitation of MyEtherWallet has been available for users to download. Fortunately, warnings were given in time to prevent too many people from downloading the app. What it demonstrates, is that Google has a severe problem with monitoring the apps on its market.
In January, over 500 users were subject to a phishing scam that used a copycat MyEtherWallet to obtain sensitive information. This is not the first time that counterfeits have been reported.
This also includes an attempt by another phishing scam in October 2017, one that allowed its creators to earn over $15,000 in just two hours.
I found fake @Poloniex app on Google Play in a feeding phase.
After start, opens phishing web with redirection to legit Poloniex. If there is large user base then there wont be any redirection. pic.twitter.com/0UYMV9yIDA— Lukas Stefanko (@LukasStefanko) March 28, 2018
On April 4th, Stefanko reported on Twitter that a Poloniex app was being downloaded by unknowing users, leaving them vulnerable to having their information stolen. Fortunately, the impact of Stefanko’s tweets resulted in the rapid removal by Google of the malicious app.
According to research, Google has had serious problems with these apps for some time. In 2017 alone, the company’s online store has had to remove over 700,000 apps for multiple reasons including malware and phishing frauds.
Check out EAL (Ether Address Lookup) to help prevent fraud.