Copy link
Increase text size
Decrease text size
Link copied

Security firm discovers new crypto scheme deploying fake Trojan apps disguised as crypto wallets

The team discovered 13 malicious apps impersonating the Jaxx Liberty wallet on the Google Play store. Google has already removed the fake apps.

Photo by Pete Linforth of Pixabay

Wed, 30 Mar 2022, 08:21 am UTC

With the increasing popularity of cryptos such as Bitcoin (BTC) and Ethereum (ETH) and the subsequent rise in their prices, cybercriminals are now increasingly modifying their schemes to specifically target crypto owners. A cyber security firm has recently uncovered what it calls a “sophisticated scheme” that fools victims to download Trojan apps disguised as crypto wallets.

Cyber security firm ESET has discovered a “sophisticated malicious cryptocurrency scheme” targeting Android and iOS devices that become compromised once a user unwittingly downloads a fake app. “Malicious apps are distributed through fake websites, mimicking legitimate wallet services such as Metamask, Coinbase, Trust Wallet, TokenPocket, Bitpie, imToken, and OneKey,” ESET wrote in a report.

“The main goal of this scheme is to steal cryptocurrency funds, especially those of Chinese users,” the company said. “With cryptocurrencies gaining popularity and the apparent leak of the source code of this threat, ESET expects these techniques to spread to other markets.”

The firm has uncovered dozens of trojanized crypto wallet apps since May 2021. According to ESET researchers, the malware’s authors must have carried out an in-depth analysis of the legitimate apps. This enabled the authors to insert their own malicious code in areas that are hard to detect while maintaining the functionalities of the original apps.

“These malicious apps also represent another threat to victims, as some of them send secret victim seed phrases to the attackers’ server using an unsecured HTTP connection,” Lukáš Štefanko, ESET researcher who discovered the scheme, said. “This means that victims’ funds could be stolen not only by the operator of this scheme but also by a different attacker eavesdropping on the same network.”

The team discovered 13 malicious apps impersonating the Jaxx Liberty wallet on the Google Play store. Google has already removed the fake apps.

The group also used social media and messaging platforms to spread the malicious apps. ESET found dozens of Telegram groups promoting the fake apps, which were also promoted by at least 56 Facebook groups.

“At the time of publication, the price of bitcoin has decreased almost by half from its all-time high about four months ago,” Štefanko said. “For cryptocurrency investors, this might be a time either to panic and withdraw their funds, or for newcomers to jump at this chance and buy cryptocurrency for a lower price. If you belong to one of these groups, you should pick carefully which mobile app to use for managing your funds.”

TokenPost | [email protected]

<Copyright © TokenPost. All Rights Reserved. >

  • Bitcoin (btc) $20,001.00 (+0.53%)
  • Ethereum (eth) $1,437.07 (+1.01%)
  • USD Coin (usdc) $1.00 (-0.01%)
  • BNB (bnb) $278.36 (+0.72%)
  • Binance USD (busd) $1.00 (-0.15%)
  • Bitcoin (btc) $20,001.00 (+0.53%)
Jul 15, 2021 (Thursday)
13:30
BTC Surges by 1.16% Within 5 Mins, Marking 31,824.01 USDT
12:06
BTC Surges by 1.12% Within 5 Mins, Marking 32,104.8 USDT
10:25
BTC Drops by 1.03% Within 5 Mins, Marking 32,171.88 USDT
02:13
TriumphX Scouts 'MINAMCOMPANY' CEO Woo-Seong Lee As Creative Director
02:00
ETH Tops List Of Crypto Net Inflow With $298.96 Mln In Past 10 Hours
Jul 14, 2021 (Wednesday)
13:14
BTC Surges by 1.03% Within 5 Mins, Marking 32,738.08 USDT
09:03
BTC Surges by 1.01% Within 5 Mins, Marking 31,899 USDT
02:30
Crypto Market Sentiment On Jul 14: Market In "Extreme Fear"
02:00
ETH Tops List Of Crypto Net Outflow With $224.97 Mln In Past 10 Hours
Jul 13, 2021 (Tuesday)
02:30
Crypto Market Sentiment On Jul 13: Market In "Extreme Fear"
02:00
ETH Tops List Of Crypto Net Outflow With $178.61 Mln In Past 10 Hours
Jul 12, 2021 (Monday)
02:30
Crypto Market Sentiment On Jul 12: Market In "Extreme Fear"
02:00
BTC Tops List Of Crypto Net Inflow With $164.82 Mln In Past 10 Hours
Jul 11, 2021 (Sunday)
21:31
BTC Surges by 1.02% Within 5 Mins, Marking 34,475.6 USDT
10:00
ETH Tops List Of Crypto Net Inflow With $122.76 Mln In Past 18 Hours
06:17
SOBA Listed On LATOKEN
02:30
Crypto Market Sentiment On Jul 11: Market In "Extreme Fear"
02:00
BTC Tops List Of Crypto Net Outflow With $87.56 Mln In Past 10 Hours
Jul 9, 2021 (Friday)
21:40
BTC Surges by 1.08% Within 5 Mins, Marking 33,911.8 USDT
02:30
Crypto Market Sentiment On Jul 09: Market In "Extreme Fear"
Subscribe to the TokenPost newsletter!
Don't show me this again today.
Back to top
Copyright ⓒ TokenPost. All Rights Reserved.