Saturday, May 18, 2024

Fake cryptocurrency Wallets Apps on Google Play Steal User Credentials and Mimic as Legitimate Wallets

Fake cryptocurrency wallet apps in Google play aimed at stealing user credentials or impersonate as cryptocurrency wallets.

Security researcher Lukas Stefanko discovered four such fake apps in Google play that mimics the legitimate services including NEO, Tether, and MetaMask.

Fake cryptocurrency wallet apps Functionality 

Among the four fake apps, MetaMask app poses a fake request form to steal user private key and wallet password.

Other three apps trick the user’s by generating public address and private key. If user’s try to generate public address and private key the malicious shows only the attacker’s public address.

If user’s deposit funds to that address they then it is not possible to withdraw it without the private key.

Stefanko tested the app by creating multiple accounts and he got the same public address, including the QR code. He posted a video with the detailed code analysis. That app’s found built in Drag-n-Drop builder service without any coding knowledge.

Fake cryptocurrency wallet

Common Tips to Catch Fake Android App

Look at the publish date. A fake app will have a recent published date.
Do a little research about the developer of the app you plan to install.
Very important – read all app permissions carefully.

Common Defences On Mobile Threats

Give careful consideration to the permission asked for by applications.
Download applications from trusted sources.
Stay up with the latest version.
Encrypt your devices.

Also Read

Stop DDoS Attacks In 10 Seconds – Organization’s Most Important Consideration for DDOS Attack Mitigation

DDoS Attack Prevention Method on Your Enterprise’s Systems – A Detailed Report

Website

Latest articles

Norway Recommends Replacing SSLVPN/WebVPN to Stop Cyber Attacks

A very important message from the Norwegian National Cyber Security Centre (NCSC) says that...

New Linux Backdoor Attacking Linux Users Via Installation Packages

Linux is widely used in numerous servers, cloud infrastructure, and Internet of Things devices,...

ViperSoftX Malware Uses Deep Learning Model To Execute Commands

ViperSoftX malware, known for stealing cryptocurrency information, now leverages Tesseract, an open-source OCR engine,...

Santander Data Breach: Hackers Accessed Company Database

Santander has confirmed that there was a major data breach that affected its workers...

U.S. Govt Announces Rewards up to $5 Million for North Korean IT Workers

The U.S. government has offered a prize of up to $5 million for information...

Russian APT Hackers Attacking Critical Infrastructure

Russia leverages a mix of state-backed Advanced Persistent Threat (APT) groups and financially motivated...

Millions Of IoT Devices Vulnerable To Attacks Leads To Full Takeover

Researchers discovered four significant vulnerabilities in the ThroughTek Kalay Platform, which powers 100 million...
Guru baran
Guru baranhttps://gbhackers.com
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Free Webinar

Live API Attack Simulation

94% of organizations experience security problems in production APIs, and one in five suffers a data breach. As a result, cyber-attacks on APIs increased from 35% in 2022 to 46% in 2023, and this trend continues to rise.
Key takeaways include:

  • An exploit of OWASP API Top 10 vulnerability
  • A brute force ATO (Account Takeover) attack on API
  • A DDoS attack on an API
  • Positive security model automation to prevent API attacks

Related Articles