First CryptoCurrency Clipboard Hijacker Found on Google Play Store

[tarekma7]

Researchers last week found the first Android app on the Google Play store that monitors a device's clipboard for Bitcoin and Ethereum addresses and swaps them for addresses under the attacker's control. This allows the attackers to steal any payments you make without your knowledge that you sent it to the wrong address.

A malicious Android app called MetaMask was added to the Google Play store that pretended to be a mobile version of the legitimate service of the same name.  This app, though, was detected by ESET as malicious and when ESET Android security researcher Lukas Stefanko performed an analysis, it was discovered to be stealing a user's cryptocurrency using two different attack methods.

The first attack method the app used was to attempt to steal the private keys and seeds of an Ethereum wallet when a user adds it to the app. When BleepingComputer analyzed the app's APK file, we found that the app contains information that can be used to send this stolen data to a Telegram account.

More information..........HERE