13 apps removed after researchers uncover Trojan crypto wallet scheme

13 apps removed after researchers uncover Trojan crypto wallet scheme

Research by cyber security firm ESET has uncovered a “sophisticated scheme” that disseminates Trojan apps disguised as popular cryptocurrency wallets.

The malicious scheme targets mobile devices using Android or Apple (iOS) operating systems which become compromised if the user downloads a fake app.

Our top trading bots

According to ESET's research, these malicious apps are distributed through bogus websites, and imitate legitimate crypto wallets, including MetaMask, Coinbase, Trust Wallet, TokenPocket, Bitpie, imToken, and OneKey.

The firm also discovered 13 malicious apps impersonating the Jaxx Liberty wallet, available on the Google Play Store. Google has since removed the offending apps, which were installed more than 1,100 times, but there are still many more lurking out there on other websites and social media platforms.

The threat actors disseminated their wares through social media groups on Facebook and Telegram, intending to steal crypto assets from their victims. ESET claims to have uncovered “dozens of trojanized cryptocurrency wallet apps,” going back to May 2021. It also stated that the scheme, which it believes is the work of one group, was primarily targeting Chinese users via Chinese websites.

Lukáš Štefanko, the researcher who unraveled the scheme, said that there were other threat vectors, such as sending seed phrases to the attacker’s server using unsecured connections, adding:

“This means that victims' funds could be stolen not only by the operator of this scheme but also by a different attacker eavesdropping on the same network.”

The fake wallet apps behave slightly differently depending on where they are installed. On Android, it targets a new cryptocurrency that the user may not have previously traded, prompting the user to install the appropriate wallet. While on iOS the apps need to be downloaded using arbitrary trusted code-signing certificates circumnavigating Apple’s App Store. This means that the user can have two wallets installed simultaneously, the genuine one and the Trojan, but poses less of a threat since most users rely on App Store verification for their apps.

Related: Hodlers beware! New malware targets MetaMask and 40 other crypto wallets

ESET advises cryptocurrency investors and traders to only install wallets from trusted sources that are linked to the official website of the exchange or company.

In February, Google Cloud unveiled the Virtual Machine Threat Detection (VMTD) system, which scans for and detects “cryptojacking” malware designed to hijack resources to mine digital assets.

According to a January Chainalysis report, cryptojacking accounted for 73% of the total value received by malware-related wallets and addresses between 2017 and 2021.

Keep reading upon Cointelegraph
Crypto exchange Binance says will not accept cards of sanctioned Russian banks
MOSCOW (Reuters) - Cryptocurrency exchange Binance on Thursday said cardholders of sanctioned Russian banks would not be able to use them on their platform...
7 NFL players that chose crypto over cash salaries
For NFL fans, 2021 was a great year. Stadiums returned to capacity crowds after the 2020 season was shortened with limited attendance. Stadium parking lots...
Hedera and Korea's Shinhan Bank partner on KRW stablecoin pilot
South Korea’s Shinhan Bank and Hedera Hashgraph (HBAR) have completed a proof of concept that is designed to conduct international remittances using stablecoins...
UK Law Commission affirms English and Welsh laws apply to smart contracts
The U.K. Law Commission, tasked with monitoring the laws in the United Kingdom and recommending reforms, has said England and Wales do not need statutory...
“PlugWalkJoe” indicted for $784k cryptocurrency theft scheme
Joseph O’Connor, known in some corners of the internet as PlugWalkJoe, was indicted on an array of charges relating to a May 2019 cryptocurrency exchange...
Rari Capital doubles TVL to $1B in just two weeks thanks to high yields
The total value locked (TVL) on the decentralized finance protocol Rari Capital has surged past $1 billion.The DeFi lending, borrowing, and yield generating...
Stripe builds new crypto team for payments three years after dropping Bitcoin
U.S. fintech giant Stripe is hiring a new blockchain team to enable crypto payments for its users. The $100 billion company is returning to the crypto sector...
Apple app store reportedly blocks Gnosis Safe wallet update for hosting NFTs
The Apple App Store reportedly blocked a Gnosis Safe crypto wallet app update due to it hosting NFTs that weren’t purchased inside the app. Lukas Schor...
Spanish officials issue warning on Huobi and Bybit crypto exchanges
Regulators around the world continue to keep the pressure fresh on crypto businesses. Spain’s National Securities Market Commission (CNMV) is the latest...
Bitcoin Climbs 10% In a Green Day
Investing.com - Bitcoin was trading at $42,802.7 by 12:05 (16:05 GMT) on the Investing.com Index on Friday, up 10.42% on the day. It was the largest one-day...
Blockchain can help publishers improve audience trust
Readers expect their news content to be reliable and trustworthy, yet many doubt it actually is. Readers cite issues like unchecked sources, rushing too...
Litecoin Plunges 30% In Bearish Trade
Investing.com - Litecoin was trading at $126.316 by 12:18 (16:18 GMT) on the Investing.com Index on Sunday, down 30.16% on the day. It was the largest one-day...
Nas brags about Coinbase and crypto wealth in new track with DJ Khaled
American rapper and cryptocurrency investor Nasir Jones, better known by his stage name Nas, has invited fans to join the cryptocurrency industry in a newly...
Norwegian authorities urge crypto users to declare earnings on upcoming return
The Norwegian Tax Administration has issued a warning to crypto traders in advance of Norway's April 30 deadline to file tax returns.According to a notice...
Bitcoin Slips as Altcoins Find Favor Amid Historic $2tn Milestone
By Yasin EbrahimInvesting.com – Bitcoin stuttered Tuesday, as the wave of new funds coming into the market that took the overall market cap above an unprecedented...