Google Play still has a fake crypto app problem
The recent bull run brought the scammers out en masse
In the absence of major price spikes in cryptocurrencies such as Bitcoin (BTC) and Litecoin (LTC), there was a slight lull in the fraudulent apps found on Google Play and the App Store. However, the bull run has caused a flurry of activity and it’s time to start being more vigilant with crypto wallets and other apps. Researchers at ESET have identified a new fake wallet on Google Play that targeted Trezor users. Fortunately, the app has been taken down.
The app impersonated the Trezor hardware wallet and was even named Trezor Mobile Wallet. Most Trezor users would know that no software app could be tied to the wallet, but less savvy users could have easily been duped. Trezors have to be accessed physically and require authentication to be opened.
However, it would be possible for a crypto enthusiast to believe that the app offered the same level of security Trezors offer and download the wallet to store their assets. In actuality, the app connected to a fake crypto wallet called Coin Wallet – Bitcoin, Ripple, Ethereum, Tether, which is capable of stealing funds from legitimate wallets.
The app also required users to register with their email address, which is another potential security breach. Those addresses could be used for phishing schemes in the future, once again raising the possibility of having wallets compromised.
Google has said – more than once – that it was going to do a better job of monitoring the apps that are included in the Play store. However, it is apparently relying too heavily on automation, as a number of fraudulent apps continue to be found, all capable of installing malware and stealing funds.