If you’re hoping to cash in on cryptocurrency using your Android phone, you might want to be a little careful. Four bogus cryptocurrency apps were spotted on the Google Play Store this week, according to a report from cybersecurity researcher Lukas Stefanko.
Three of the four fake apps in question include Neo Wallet, Tether Wallet, and MetaMask. These bogus apps were present in the Google Play Store since the middle of October but were reported and then quickly removed. The apps attempted to either phish the cryptocurrency logins of consumers or impersonate real cryptocurrency wallets. For instance, unsuspecting victims who installed MetaMask could have had their cryptocurrencies rejected and incapable of being deposited because of the way scammers programmed the app to show a specific private key.
“These malicious apps only display attacker’s public address without user’s access to private key. Private key is owned by the bad guy. Once the fake app is launched, user thinks that app already generated his public address where user can deposit his cryptocurrency. If user send his funds to this wallet, he is not able to withdraw them because he doesn’t own private key,” said Lukas Stefanko.
All of the apps in question were built using AppyBuilder, a “drag and drop” service which anyone with general knowledge can use to code apps. That serves as a significant reminder to always double check the original developer of a Google Play App. And for cryptocurrency seekers, it is an important reminder to make sure that your mining app is loading up your own personal private key, and not a pre-set key.
Cryptocurrency mining on mobile platforms has been a very hot topic in recent times, as Apple has banned mining apps from its iOS devices. Millions of Android consumers were also at risk in February, when drive-by cryptominers redirected web traffic to a specific address.
The Google Play Store has been known to host malware in the past. Earlier in 2018, McAfee researchers found out that the Android app store hosted malware meant to steal photos, contact lists, and even text messages of North Korean defectors. Some of those apps were posing as security apps, while one was claiming to provide food ingredient information.