Reading: Ethereum Just Shot Up $250 But Don’t Bet on That Resistance Breaking

Arbismart Logo Sponsored
News

Fake MetaMask App That Hijacks Ethereum dApps Removed By Google

Avatar

Osato Avan-Nomayo · @OsatoNomayo | Feb 11, 2019 | 08:00

google play store News

Fake MetaMask App That Hijacks Ethereum dApps Removed By Google

Avatar

Osato Avan-Nomayo · @OsatoNomayo | Feb 11, 2019 | 08:00

Send
Share

Google, at the start of the month, removed yet another malware app used by hackers to steal cryptocurrencies. Experts at IT security firm, Eset tipped off the company to the presence of a fake MetaMask app on the Google Play Store.

Clipper Malware Impersonating ‘MetaMask App’

Lukas Stefanko, a malware researcher at Eset, published the news on the company’s website last Friday (February 8, 2019). According to the post, Eset experts found a malicious app “Android/Clipper.C, purporting to be MetaMask.

The report indicates that Ethereum owners who downloaded the app could have their private keys compromised and their funds stolen. Like other clippers, this malware could also hijack the clipboard of the victim replacing their Bitcoin or Ethereum address.

Android Bitcoin Clipper Malware

MetaMask allows users to run decentralized apps (DApps) hosted on the Ethereum platform via a browser add-on without having to run the full network node. Currently, the service has no mobile app.

Android/Clipper.C isn’t the first app to impersonate MetaMask on the Google Play Store. Back in 2018, Google removed the previously available MetaMask mobile app which seems to have left room for many malicious iterations of the service.

Usually, these faux-MetaMask employ phishing techniques to gain access to user funds held in cryptocurrency wallets. Meanwhile, MetaMask in November 2018 announced plans to relaunch its mobile app following the continued success of the browser add-on which has more than one million total downloads.

Cryptocurrency Theft via Clipboard Hijacking

The pivot of these malicious apps impersonating MetaMask from phishing to clipping is indicative of the growing menace of cryptocurrency theft via clipboard hijacking. In July 2018, Bitcoinist reported that a clipboard hijacking malware was monitoring about 2.3 million Bitcoin addresses.

Since wallet addresses are composed of a lot of alphanumeric characters, most people copy and paste them when carrying out transactions to avoid costly errors. These malicious apps target this practice by hijacking the user’s clipboard replacing their addresses with those of the attacker.

To avoid falling victim to clipboard hijacking, cryptocurrency owners should endeavor to upgrade their antivirus software. Also, it is essential to eyeball addresses before “pressing send.” Five minutes of due-diligence could save you losing your precious crypto.

What other ways can cryptocurrency owners protect themselves from clipboard hijacking? Let us know your thoughts in the comments below.

Image courtesy of ESET, Shutterstock

BitStarz Player Lands $2,459,124 Record Win! Could you be next big winner?

Tags: , , , ,
Send
Share
Show comments
bitcoin, btcusd, cryptocurrency, xbtusd, btcusdt
News

Bitcoin Poised to Retest $12K After FOMC Minutes, Data Shows

Bitcoin fell towards $11,500 on Wednesday, a move that followed its brief rally above $12,000 earlier this week. The correction appeared as a testament to profit-taking behavior...

Yashu Gola | 1 month ago
News

Bitcoin Bull Rally Will Resume on Booming S&P 500 Sentiment: Analyst

Bitcoin plunged by more than 6 percent after topping out for the year near $12,486 on Sunday. The benchmark cryptocurrency was trading at $11,654, its lowest intraday, during the early...

Yashu Gola | 1 month ago
News

DeFi Awaits “Rude Awakening” as Bitcoin Rallies: Ex Goldman Partner

A rally in the Bitcoin market has prompted traders to shift their capital from the booming decentralized finance sector. As of Wednesday, almost all the DeFi tokens have plunged...

Yashu Gola | 2 months ago