Cryptocurrency seems to be raging everywhere, even in the apps market. Despite the various attempts by Google to remove the malicious crypto apps, the threat continues. Lukas Stefanko, the cyber security researcher has recently come across with four different fake crypto apps available for download in the Google Play Store.
Reportedly, these apps impersonated the MetaMask and Ethereum, along with the other NEO and Tether cryptocurrencies. As per Stefanko, these malicious apps have been there in the Play Store for more than several weeks now. They have also been downloading a few hundred times by unsuspecting users. Thankfully, these apps were immediately removed from the Google Play Store after the report.
What is this ‘Phishing’ Expedition
Stefanko says that MetaMask app works as a phishing application and it captures the private information of users, such as the keys and wallet password. The remaining apps were meant to be fake wallets that are designed to dupe the downloader into thinking that a public address has been generated.
This is simply intended to prompt the users to send money to the wallet whose private information is now held by the creator of malicious apps. After sending funds , the owner cannot withdraw the funds because he does not have the private keys.
According to the researchers, these fake wallets were developed by using an app builder tool that needs no specific coding skills. With such low restrictions on entry, Stefanko has warned that the issues related to malicious cryptocurrency apps may continue to get worse.
This implies that as the prices for Bitcoin rises and it starts getting more popular, the apps likes these will become more popular as anyone can develop them. These malicious crypto apps ate capable of stealing important credentials and impersonating the crypto currency wallet.
How is Google putting a control on malicious apps
Apart from the malicious apps creating havoc on the Google Play Store, the key search giant Chrome also has to take down the new apps. Google has been experiencing similar issues in the marketplace of Chrome browser. Recently, the giant announced a ban on the browser extensions that provides crypto mining capabilities.
Control
Google has said that the company has been taking numerous steps to control phishing and malicious apps from making their way into Play Store. They have recently launched iframes, an out-of-the-process to detect and block the malevolent apps extensions using machine learning.