Google Play, the official Android app store, reportedly hosted a dangerous app that, once downloaded, stole bitcoin and another cryptocurrency from the user's phone.
ESET security researchers discovered the "clipper" malware at the start of February in an app that looked legitimate and was called MetaMask.
The malware intercepted the cryptocurrency wallet addresses used to transfer user funds from one account to another.
For security reasons, a Bitcoin address is a long string of characters, so people mostly copy and paste it instead of typing the whole thing. This gave the malware the chance to intercept the address while it was being copied and secretly replace it with the attacker's own wallet address, which redirected the user's funds to the attacker's account.
This is not the first time such malware has been detected in Android apps, although it is the first time that an infected app has been discovered in the Google Play Store.
ESET found that the infected app impersonated the MetaMask service, which provides access to decentralized applications such as Ethereum. Besides the impersonation, the fake MetaMask app stole user credentials and private keys for accessing Ethereum funds, along with Bitcoin wallet addresses that users copied for use in their wallets.
The Google Play Store removed the fake app as soon as ESET reported it. Before this issue with the MetaMask app came to light, back in July the app had been erroneously removed by the Google store for almost 5 hours before being restored.
ESET has advised users to keep their devices updated to stay safe from fake mobile apps that carry malware, to check their transactions at every step, and to check the wallet address on their clipboard.