Fake cryptocurrency Wallets  - Fake cryptocurrency Wallets - Fake cryptocurrency wallets App on Google Play Steal User Credentials

wallet apps in aimed at stealing user or impersonate as .

Security researcher Lukas Stefanko discovered four such fake apps in Google play that mimics the legitimate services including NEO, Tether, and MetaMask.

Fake cryptocurrency wallet apps Functionality 

Among the four fake apps, MetaMask poses a fake request form to user private key and wallet password.

Other three apps trick the user’s by generating public address and private key. If user’s try to generate public address and private key the malicious shows only the attacker’s public address.

If user’s deposit funds to that address they then it is not possible to withdraw it without the private key.

Stefanko tested the app by creating multiple accounts and he got the same public address, including the QR code. He posted a video with the detailed code analysis. That app’s found built in Drag-n-Drop builder service without any coding knowledge.

Fake cryptocurrency wallet  - Wallets - Fake cryptocurrency wallets App on Google Play Steal User Credentials

Common Tips to Catch Fake App

Look at the publish date. A fake app will have a recent published date.
Do a little research about the developer of the app you plan to install.
Very important – read all app permissions carefully.

Common Defences On Mobile Threats

Give careful consideration to the permission asked for by applications.
Download applications from trusted sources.
Stay up with the latest version.
Encrypt your devices.

Also Read

Stop DDoS Attacks In 10 Seconds – Organization’s Most Important Consideration for DDOS Attack Mitigation

DDoS Attack Prevention Method on Your Enterprise’s Systems – A Detailed Report

Source link


Please enter your comment!
Please enter your name here