
Fake MetaMask Crypto Malware Pulled

An application pretending to be DApp MetaMask contained malware that aimed to steal coins by replacing wallet addresses.


Decentralized application (DApp) MetaMask is facing new problems from cryptocurrency scammers after malware impersonating the tool appeared on Google Play, cybersecurity company Eset reported Feb. 9.

The malware, which replaces clipboard contents in an attempt to steal cryptocurrency, was removed by Google at the beginning of the month after a tip-off from Eset researchers.

Known as a ‘Clipper,’ the malware replaces copied cryptocurrency wallet addresses with an address belonging to an attacker, in the hope that the victim will paste it and send funds to the attacker without noticing.

The discovery marked the first time such malware had made it past Google’s vetting procedures, the security firm notes.

“The clipper we found lurking in the Google Play store, detected by ESET security solutions as Android/Clipper.C, impersonates a legit service called MetaMask,” Eset explained, continuing:

“The malware’s primary purpose is to steal the victim’s credentials and private keys to gain control over the victim’s Ethereum funds. However, it can also replace a Bitcoin or Ethereum wallet address copied to the clipboard with one belonging to the attacker.”
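As an added example (not from Eset or the original article), here is how a defender could flag the address swap described above in a log of clipboard writes. The event format, the `user` writer marker, the package names and all addresses are constructed assumptions, and addresses are matched by shape only.

```python
import re

# Shape-only patterns for the two address types the article names.
# Assumption: checksums are not verified; a shape match is enough for triage.
SHAPES = {
    "ethereum": re.compile(r"0x[0-9a-fA-F]{40}"),
    "bitcoin": re.compile(r"[13][1-9A-HJ-NP-Za-km-z]{25,34}|bc1[02-9ac-hj-np-z]{11,71}"),
}

def classify(text):
    """Return (kind, canonical form) if text looks like a wallet address, else None."""
    value = text.strip()
    for kind, shape in SHAPES.items():
        if shape.fullmatch(value):
            # Ethereum hex is case-insensitive (casing only carries a checksum),
            # so a re-cased copy of the same address is not a swap.
            return kind, value.lower() if kind == "ethereum" else value
    return None

def find_swaps(events):
    """events: (seconds, writer, text) tuples in time order. writer == "user" marks
    a copy the user made; any other writer is a process that set the clipboard."""
    findings, copied = [], None
    for ts, writer, text in events:
        seen = classify(text)
        if writer == "user":
            copied = (ts, seen) if seen else None  # remember the address the user chose
        elif copied and seen and seen[0] == copied[1][0] and seen[1] != copied[1][1]:
            findings.append({"kind": seen[0], "writer": writer, "expected": copied[1][1],
                             "found": seen[1], "delay": round(ts - copied[0], 3)})
    return findings

# Constructed sample data: none of these are real wallets or real package names.
ETH_OWN, ETH_OTHER = "0x" + "Ab12" * 10, "0x" + "cd34" * 10
BTC_OWN, BTC_OTHER = "1" + "Bq7" * 11, "1" + "Zk9" * 11
EVENTS = [
    (10.00, "user", ETH_OWN),
    (10.05, "com.example.fakewallet", ETH_OTHER),      # same type, different address
    (42.00, "user", BTC_OWN),
    (42.30, "com.example.notes", "shopping list"),     # not an address: ignored
    (42.31, "com.example.fakewallet", BTC_OTHER),      # same type, different address
    (60.00, "user", ETH_OWN),
    (60.02, "com.example.keyboard", ETH_OWN.lower()),  # same address re-cased: ignored
]

if __name__ == "__main__":
    for finding in find_swaps(EVENTS):
        print(finding)
```

The same comparison works as a pre-send check in a wallet: keep the address the user originally selected and refuse to proceed if the pasted value has the same shape but a different canonical form.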

MetaMask, which is one of the oldest Ethereum (ETH)-based DApps, has fallen victim to malicious schemes in the past.

In July of last year, Google developers pulled the application from Google Play altogether, leaving only fake impersonations.

A subsequent report from MetaMask revealed the action had occurred by mistake.

In November, MetaMask confirmed its plans to launch a mobile application, which ended up being the target of the latest malware issue.

CBNN
