Bad Actors Now Scamming Bitcoiners Via Google Play  

Bad Actors Now Scamming Bitcoiners Via Google Play  

Just like in the traditional financial system where fraudsters never cease to exist, crypto thieves are also getting smarter every day. In the latest, they’ve now moved from conducting cryptojacking operations to creating fake apps on Google Play, in a bid to “phish” for bitcoin (BTC), reports SecurityBrief on May 23, 2019.

Fake Apps Live on Play Store

Per sources close to the matter, rogue actors have launched several phony cryptocurrency apps on the Google Play store with the aim of phishing and stealing users’ cryptocurrency.

While 2018 was a dull year for cryptocurrency market participants, including Bitcoin miners and crypto traders, as the price of Satoshi Nakamoto’s virtual currency lost nearly 80 percent of 2017’s massive gains, April brought in a breath of fresh air to the markets, sending BTC to $8,000.

In the same vein, cyberpunks have taken advantage of the latest price rally to develop various malicious cryptocurrency wallets to defraud unsuspecting digital assets holders.

Reportedly, these rogue actors have created an application impersonating the popular Trezor cryptocurrency wallet.

Though the researchers have stated that the fake app is not powerful enough to cause any harm to Trezor users, since wallet has multiple security layers, the malicious app is, however, connected to another phony crypto wallet called “Coin Wallet,” which is capable to scamming those who download it.

Expertly Crafted

Commenting on the matter, Lukas Stefanko, a researcher at the ESET cybersecurity firm, noted that:

“We haven’t previously seen malware misusing Trezor’s branding and were curious to find out the capabilities of such a fake app. After all, Trezor’s hardware wallets require physical manipulation and authentication via PIN, or knowledge of the so-called recovery seed, to access the stored cryptoassets.”

Notably, the researchers have revealed that the fraudsters used an app template they purchased online to create the malicious Trezor mobile wallet app which was “uploaded to Google Play on May 1, 2019, under the developer name “Trezor Inc.”

The app claims to be a multi-currency wallet; however, it’s primary objective is to deceive users into transferring their hard-earned cryptos to the scammers’ wallet addresses.

“The fake Trezor app’s page on Google Play appeared trustworthy at first glance, coming up as the second most popular result when searching for ‘Trezor’ on Google Play, right behind Trezor’s official app,” added Stefanko.

The researchers advised crypto hodlers to only trust and download apps that come directly from the original source, avoid entering personal data into online forms unless the source has been duly verified, while also installing useful mobile security tools.

Follow Us on Google News
Ogwu Osaemezu Emmanuel

Ogwu Osaemezu Emmanuel is a graduate of Mass Communication and Media Studies. He joined the blockchain movement in 2016 when a friend of his introduced him to an investment platform accepting bitcoin. He has never looked back since then. Emmanuel believes the world needs real change and freedom from poverty. He sees crypto and the underlying distributed ledger technology as the catalyst to a better future for all.