Lukas Stefanko Today, May 23, 2019, via the ESET official platform revealed yet another set of cryptocurrency phishing apps he discovered on the Google Play Store platform recently. Though the apps have been reported and taken down, Stefanko is once more reminding the cryptocurrency community on the essence of keeping their crypto assets as secure as possible.
Another Case Of Cryptocurrency Phishing On Google
Lukas Stefanko, a security researcher at ESET – an IT security solution firm popularly known for the ESET antivirus – recently discovered two cryptocurrency stealing apps on the Google Play Store.
These apps were launched on Google Play Store on May 1, 2019, and had over a thousand downloads each, ranking second in results when “Trezor” is searched, before it was pulled down from the app store by Google’s security team.
According to the report Stefanko, there have been reports before now – about two weeks back – on the existence of these apps. It is very likely that these reports may have sprung the researcher into action.
In his findings, Stefanko claims one of the apps was a clone of the popularly known Trezors’ interface. Though it was confirmed that the app had no connection to the real Trezor app nor store coins from the Trezor device, it was mentioned that the app was connected with the other which could be used to scam crypto assets from unsuspecting members of the public.
According to his report, the app posed as a useful tool – a multi-asset cryptocurrency wallet – which users can use to save different coins and tokens all in one place, but in reality, was used to collect user data to steal cryptocurrencies.
Phishing Apps Continues To Trend
As cryptocurrency assets become more valuable, so is the desire of cyber attackers to own more.
At this point, it is unclear if the perpetrators were successful in their mission or how much they were able to garner from their quest. All we know is there was a considerable number of downloads.
This isn’t the first time such will happen. The Google Play Store has become a platform where cyber attackers easily carry out their plans without hindrances.
In a similar case, Lukas Stefanko had also reported on November 13, 2018, cases of four fake cryptocurrency wallets found on the Google Play Store. These apps had about the same number of downloads – some hundreds to a thousand downloads – before they were reported and taken down by Google’s security team at the time.