Clipper: Cryptocurrency-Stealing Malware Discovered on Google Play Store

  • Researchers discovered new cryptocurrency-stealing malware, named clipper, on the Google Play Store.
  • The malware was discovered impersonating a legitimate service called MetaMask.
  • The malware is capable of stealing credentials and private keys.
  • Google has removed the app from the Play Store.

Security researchers have discovered a new strain of cryptocurrency-stealing malware, named clipper, on the Google Play Store.

The malware was discovered by security researchers at the security firm ESET, hidden inside an Android app called MetaMask. The app itself was fake, as MetaMask doesn’t have a mobile application.

MetaMask is a browser extension that allows you to run Ethereum apps in your browser without running a full Ethereum node.

The malware aims to steal credentials and private keys to gain control over the victim’s Ethereum funds.

The malware is also capable of replacing a Bitcoin or Ethereum wallet address that the user has copied to the clipboard with one belonging to the attacker.

To make a transaction, users need to enter the recipient’s wallet address in the app.

Usually, instead of manually typing these long and complicated addresses, most users copy and paste them.

The clipper monitors the system clipboard. Once it detects a value that looks like a target address, it replaces it with an address belonging to the attacker. In the same way, the clipper is also capable of stealing users’ credentials and private keys whenever they are copied to the clipboard.
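The replacement described above can be caught by comparing the value seen at copy time with the value about to be used as the recipient. The following check is an added example, not code from ESET or from this article; the function names are hypothetical, and it assumes only legacy Base58Check Bitcoin addresses and the 0x-prefixed Ethereum hex format.

```python
import hashlib
import re

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
ETH_RE = re.compile(r"0x[0-9a-fA-F]{40}")

def is_btc_base58(addr):
    """True if addr decodes as Base58Check: 21-byte payload + valid 4-byte checksum."""
    if not 26 <= len(addr) <= 35 or any(c not in B58 for c in addr):
        return False
    n = 0
    for c in addr:
        n = n * 58 + B58.index(c)
    pad = len(addr) - len(addr.lstrip("1"))   # each leading '1' is one zero byte
    raw = b"\x00" * pad + n.to_bytes((n.bit_length() + 7) // 8, "big")
    if len(raw) != 25:
        return False
    digest = hashlib.sha256(hashlib.sha256(raw[:-4]).digest()).digest()
    return digest[:4] == raw[-4:]

def address_kind(text):
    """Classify a clipboard string as 'eth', 'btc' or None."""
    text = text.strip()
    if ETH_RE.fullmatch(text):
        return "eth"
    return "btc" if is_btc_base58(text) else None

def check_paste(copied, pasted):
    """Compare the value seen at copy time with the value about to be sent to."""
    kind = address_kind(copied)
    if kind is None:
        return "not-an-address"
    a, b = copied.strip(), pasted.strip()
    if kind == "eth":            # hex case only encodes the EIP-55 checksum
        a, b = a.lower(), b.lower()
    if a == b:
        return "ok"
    # Same address type but a different value is the clipper's signature.
    return "replaced" if address_kind(pasted) == kind else "changed"

if __name__ == "__main__":
    # Constructed sample addresses, not real wallets.
    intended = "0x" + "11" * 20
    other = "0x" + "22" * 20
    print(check_paste(intended, intended))
    print(check_paste(intended, other))
```

A "replaced" verdict means the pasted value is a well-formed address of the same type as the copied one but not the same address, which is what a user should be warned about before confirming a transfer.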

Researchers discovered the malicious app on February 1 and reported it to the Google security team, who removed the app from the Play Store immediately.

Always follow these basic steps to protect your smartphone from infection:

  1. Always switch off “Allow installation from unknown sources” in the security settings, which restricts app downloads from third-party and anonymous sources.
  2. Don’t download attachments from unknown sources.
  3. Always use the Google Play Store to install apps; don’t use any third-party app stores.
  4. Download apps from verified developers and check their app rating and download counts before installing an app.
  5. Verify app permissions before installing an app.
  6. Install a good, up-to-date antivirus/anti-malware product that can detect and block this type of malware.
  7. Always keep Play Protect turned on.
  8. Always keep your device OS and apps up to date.
