Business 11 February 2019

Erik Gibbs

‘Clipper’ crypto-stealing malware found on Google Play

Just like there will always be those dimwitted individuals who try to rob banks, there will always be the same in the digital realm. Things like ID theft and account hacks are nothing new on the Internet, and it shouldn’t surprise anyone that they would also be seen with cryptocurrencies. The biggest difference is that it’s actually harder to get away with crypto theft, since all wallet addresses are traceable and the crypto community is all too happy to track down malicious activity. This isn’t stopping some unscrupulous individuals from trying, though, and another crypto malware has now been identified. Like some of its predecessors, this one was found on the Google Play store. 

According to Ars Technica, Clipper was created to try and steal crypto from those who downloaded the application. It was hidden in plain sight, right on the Google Play store, and is based on a similar malware found in 2017 that targeted Windows machines. 

Ars Technica explains, “The malware, which masqueraded as a legitimate cryptocurrency app, worked by replacing wallet addresses copied into the Android clipboard with one belonging to attackers, a researcher with Eset said in a blog post. As a result, people who intended to use the app to transfer digital coins into a wallet of their choosing would instead deposit the funds into a wallet belonging to the attackers.”

Clipper was concealed as MetaMask, an application that allows Ether (ETH) to work on corresponding apps on Google Play and allowed the cybercriminal to gain control of an ETH wallet if found on the Android device that downloaded it. Ars Technica analyst Lukas Stefanko adds, “This attack targets users who want to use the mobile version of the MetaMask service, which is designed to run Ethereum decentralized apps in a browser, without having to run a full Ethereum node. However, the service currently does not offer a mobile app—only add-ons for desktop browsers such as Chrome and Firefox.”

Apparently, the app was added to Google Play at the beginning of this month and has already been removed. However, Google is supposed to have controls in place to prevent such apps from being uploaded. It might be time for the company to rethink its scanning and approving processes. 

Note: Tokens on the Bitcoin Core (SegWit) chain are referenced as BTC coins; tokens on the Bitcoin Cash ABC chain are referenced as BCH, BCH-ABC or BAB coins.

Bitcoin Satoshi Vision (BSV) is today the only Bitcoin project that follows the original Satoshi Nakamoto whitepaper, and that follows the original Satoshi protocol and design. BSV is the only public blockchain that maintains the original vision for Bitcoin and will massively scale to become the world’s new money and enterprise blockchain.

COMMENT

latest news

South Korean Kakao puts $57M into blockchain, AI research in Q4 2018

Business 15 February 2019

South Korean Kakao puts $57M into blockchain, AI research in Q4 2018

According to a new report, South Korean internet giant Kakao invested $57 million in the research and development of new blockchain and AI technologies.

Read More
Russian minister: Don’t regulate cryptos, they aren’t payment methods

Business 15 February 2019

Russian minister: Don’t regulate cryptos, they aren’t payment methods

For Alexander Kolanov, it’s simple. Crypto’s aren’t recognized as payment methods in Russia, so they don’t need regulation.

Read More
Crypto market daily report – February 15, 2019

Business 15 February 2019

Crypto market daily report – February 15, 2019

The cryptocurrency markets appeared to be in positive mood on Friday at press time as the majority of coins were up by a considerable margin while other held on to their previous day’s price levels.

Read More