X
search

Newly Uncovered Crypto Malware Can Steal Seed Phrases

Pictured: Chethan Rao
By Chethan Rao
March 29, 2022
Featured image for Newly Uncovered Crypto Malware Can Steal Seed Phrases

Security research firm ESET Research has uncovered crypto malware disguised within fake cryptocurrency apps, affecting Android and iOS users. This comes when smartphone malware is fairly ubiquitous, becoming more and more complex with each passing year. ESET said the people responsible for the malware “looked at some good, legitimate applications and copied the code for their own malicious purposes.”

The research firm said it found “dozens” of iOS and Android apps in 2021, with some of them mimicking the appearance of popular apps like Coinbase, imToken, MetaMask, Trust Wallet, Bitpie, TokenPocket, or OneKey (via Android Police). Once installed, the attackers could steal seed phrases from the users, offering them access to their crypto wallets in the process.

To make the operation seem legitimate, the attackers even placed ads for these malicious apps on various websites. Additionally, the team spread the news about these fake crypto apps on platforms like Facebook and Telegram.

More crucially, ESET said it found vulnerabilities on the attackers’ servers leading to data being sent over insecure connections. This means the data could be theoretically accessed by people other than the cyberattackers. It’s important to note that a large portion of this malware impacted users in China. However, the malicious apps were also briefly available on the Play Store, suggesting it has likely spread beyond China.

Google removed 13 apps on the Play Store impersonating a popular crypto wallet app

ESET reports that the code used to develop these malicious apps are already online. So users need to be on guard while installing crypto apps on their devices. Based on the information provided by ESET, Google has removed 13 apps on the Play Store that mimicked the Jaxx Liberty Wallet app.

Fake Jaxx Liberty Wallet App
Fake Jaxx Liberty Wallet App 1
Fake Jaxx Liberty Wallet App
Fake Jaxx Liberty Wallet App 1

The best way to avoid falling into the trap is to ensure you’re downloading the app from official sources. Crypto wallets usually have their dedicated website, found with a quick Google Search. We also recommend checking out the reviews and ratings for a crypto app you’re trying to download. If a popular crypto app doesn’t have enough user ratings, it’s probably not the real deal.

This isn’t the first instance of cyber attackers trying to steal users’ financial info via deceit, and it probably won’t be the last time.

  翻译: