Malicious Crypto Apps are Ramping Up on Google PlaySome of these apps have thousands of downloads and can fool you into thinking they’re legitimate.
We’ve written about this before, but as the prices of cryptocurrencies are climbing and attracting a lot of new people into the space, I feel it’s crucial we bring it to the light again. Please beware of the risks of downloading and trusting applications when taking custody of their crypto assets — even when they are delivered on a trusted platform.
Recently we took another look at the Google Play store and found a score of new, fake, malicious cryptocurrency apps that mimic real products. Some of these fake apps are targeting users of:DAI Stablecoin (MakerDAO) Trust Wallet MyEtherWallet Coinbase Jaxx
Whilst Google Play does not tell us the actual install numbers, we can see that there has been a minimum of 15,120 installations of these malicious APKs whose only working function is a field for inputting user secrets. After that, the app will display an error.A typical error view the app gives after you input your secrets
The applications/brands that had the most installs — with Google Play reporting “1,000+” — were:com.jaxxx.wallet (Jaxx) com.libertyjaxxxx.app (Jaxx) com.jaxxlite.wallet (Jaxx) com.me.trustappmobiler (Trust Wallet) blockwallet20.bitcoin.wallet.btc (Trust Wallet) Some of the most installed APKs — com.jaxxxx.wallet having 10,000+ Investigation
Most of these APKs pushed data to a custom domain or an instance on Firebase — however, some did push directly to Telegram using their API.