Fake cryptocurrency wallet apps in Google play aimed at stealing user credentials or impersonate as cryptocurrency wallets.
Security researcher Lukas Stefanko discovered four such fake apps in Google play that mimics the legitimate services including NEO, Tether, and MetaMask.
Fake cryptocurrency wallet apps Functionality
Among the four fake apps, MetaMask app poses a fake request form to steal user private key and wallet password.
Other three apps trick the user’s by generating public address and private key. If user’s try to generate public address and private key the malicious shows only the attacker’s public address.
If user’s deposit funds to that address they then it is not possible to withdraw it without the private key.
Stefanko tested the app by creating multiple accounts and he got the same public address, including the QR code. He posted a video with the detailed code analysis. That app’s found built in Drag-n-Drop builder service without any coding knowledge.
Common Tips to Catch Fake Android App
Look at the publish date. A fake app will have a recent published date.
Do a little research about the developer of the app you plan to install.
Very important – read all app permissions carefully.
Common Defences On Mobile Threats
Give careful consideration to the permission asked for by applications.
Download applications from trusted sources.
Stay up with the latest version.
Encrypt your devices.