The app was designed to impersonate a real service, MetaMask, which allows users to run ethereum dApps within a web browser, and without a full Ethereum node. Attackers have taken advantage of MetaMask’s lack of an Android app and made it look like an official product.
The hidden malware replaced the cryptocurrency wallet address copied to the user’s clipboard with one belonging to the hacker. As noted by ESET, this method has proven effective because users tend to copy and paste their wallet addresses due to their length. In addition to swapping the infected device’s clipboard data, the malware was also able to retrieve the victim’s crypto-related credentials.
The malicious app has been deleted from Google Play shortly after its discovery by ESET’s team.
The post Fake MetaMask app hiding clipper malware has been found on Google Play appeared first on The Block.
Fake MetaMask app hiding clipper malware has been found on Google Play written by Carol Gaszcz @ https://www.theblockcrypto.com/tiny/fake-metamask-app-hiding-clipper-malware-has-been-found-on-google-play/ February 12, 2019 Carol Gaszcz