Saturday, February 15, 2025
HomeAndroidFake cryptocurrency Wallets Apps on Google Play Steal User Credentials and Mimic...

Fake cryptocurrency Wallets Apps on Google Play Steal User Credentials and Mimic as Legitimate Wallets

Published on

SIEM as a Service

Follow Us on Google News

Fake cryptocurrency wallet apps in Google play aimed at stealing user credentials or impersonate as cryptocurrency wallets.

Security researcher Lukas Stefanko discovered four such fake apps in Google play that mimics the legitimate services including NEO, Tether, and MetaMask.

Fake cryptocurrency wallet apps Functionality 

Among the four fake apps, MetaMask app poses a fake request form to steal user private key and wallet password.

Other three apps trick the user’s by generating public address and private key. If user’s try to generate public address and private key the malicious shows only the attacker’s public address.

If user’s deposit funds to that address they then it is not possible to withdraw it without the private key.

Stefanko tested the app by creating multiple accounts and he got the same public address, including the QR code. He posted a video with the detailed code analysis. That app’s found built in Drag-n-Drop builder service without any coding knowledge.

Fake cryptocurrency wallet

Common Tips to Catch Fake Android App

Look at the publish date. A fake app will have a recent published date.
Do a little research about the developer of the app you plan to install.
Very important – read all app permissions carefully.

Common Defences On Mobile Threats

Give careful consideration to the permission asked for by applications.
Download applications from trusted sources.
Stay up with the latest version.
Encrypt your devices.

Also Read

Stop DDoS Attacks In 10 Seconds – Organization’s Most Important Consideration for DDOS Attack Mitigation

DDoS Attack Prevention Method on Your Enterprise’s Systems – A Detailed Report

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Fake BSOD Attack Launched via Malicious Python Script

A peculiar malicious Python script has surfaced, employing an unusual and amusing anti-analysis trick...

SocGholish Malware Dropped from Hacked Web Pages using Weaponized ZIP Files

A recent wave of cyberattacks leveraging the SocGholish malware framework has been observed using...

Lazarus Group Targets Developers Worldwide with New Malware Tactic

North Korea's Lazarus Group, a state-sponsored cybercriminal organization, has launched a sophisticated global campaign...

North Korean IT Workers Penetrate Global Firms to Install System Backdoors

In a concerning escalation of cyber threats, North Korean IT operatives have infiltrated global...

Supply Chain Attack Prevention

Free Webinar - Supply Chain Attack Prevention

Recent attacks like Polyfill[.]io show how compromised third-party components become backdoors for hackers. PCI DSS 4.0’s Requirement 6.4.3 mandates stricter browser script controls, while Requirement 12.8 focuses on securing third-party providers.

Join Vivekanand Gopalan (VP of Products – Indusface) and Phani Deepak Akella (VP of Marketing – Indusface) as they break down these compliance requirements and share strategies to protect your applications from supply chain attacks.

Discussion points

Meeting PCI DSS 4.0 mandates.
Blocking malicious components and unauthorized JavaScript execution.
PIdentifying attack surfaces from third-party dependencies.
Preventing man-in-the-browser attacks with proactive monitoring.

More like this

RedNote App Security Flaw Exposes User Files on iOS and Android Devices

Serious security vulnerabilities have been uncovered in the popular social media and content-sharing app,...

BADBOX Botnet Surges: Over 190,000 Android Devices Infected, Including LED TVs

The BADBOX botnet, a sophisticated malware operation targeting Android-based devices, has now infected over...

Malicious Android & iOS Apps Downloaded Over 242,000 Times, Stealing Crypto Recovery Keys

A sophisticated malware campaign, dubbed SparkCat, has infiltrated Google Play and Apple’s App Store,...