Trojanized WhatsApp, Telegram apps are targeting cryptocurrency wallets

Trojanized WhatsApp, Telegram apps are targeting cryptocurrency wallets

Users of the popular apps need to be aware that they could be targets of crypto scammers

WhatsApp and Telegram are messaging applications with several powerful security filters. However, according to ESET’s research team, there are a large number of websites posing as both apps, especially targeting Android and Windows with trojanized versions. Most of the identified applications are clippers, a type of malware that steals or modifies content stored in the clipboard. It appears that victims have suffered from major thefts, including cryptocurrency wallets.

According to recent findings, many of these clipboards have been intended to steal funds related to the cryptocurrency space. This is the first time that the use of Android clipboards disguised as instant messaging apps has been revealed. In addition, some of these apps use Optical Character Recognition (OCR) in order to recognize text from screenshots stored on compromised devices, a malware development that Android will have to pay special attention to.

These clipboards apparently have the main purpose of intercepting communications in messaging apps used by the victim and replacing any cryptocurrency wallet addresses received and sent with addresses belonging to the attackers. Android was not the only one affected, as the team of experts also found trojanized versions of Telegram and WhatsApp apps for Windows.

As many on Americas Cardroom will recall, last year identified threat actors focused on repackaging legitimate cryptocurrency apps that attempt to steal recovery phrases from their victims’ wallets. While the process of maintaining Telegram’s functionality is straightforward, given that it is open source based, but the case is different for WhatsApp. Analysts believe that the attackers first had to perform an in-depth analysis of the app’s functionality to identify the specific places to modify.



Join the most trusted US poker site since 2001 and get a 100% bonus on your first deposit, up to $2,000 !



Stay up to date on the latest poker news through social media. Join us at Facebook/americascardroomeu and follow us @ACR_POKER on Twitter. We invite you to share ideas and reactions.