Even though there was a bit of juice pumped into the crypto market over the market pushing the price of Bitcoin over $3,600, the markets are still way down. Malware is on the rise and is still infiltrating the largest app marketplaces on the web.
Yes, once again the Google Play Store has been found to be hosting malicious applications designed to steal cryptocurrencies. The malware in question, Clipper, has been discovered by researchers at ESET internet security firm who had reported on their findings at the weekend.
The Clipper malware monitors and intercepts the clipboard software which is commonly used to copy and paste crypto wallet addresses. “It modifies the string to that of the attacker so the funds are sent to them instead of the recipient. This crude form of crypto jacking was prevalent a couple of years ago and has now reared its head once again.”
The researchers at the internet security company have claimed that they have found malware on Google’s official Android app store and hosted on Cnet, one of the largest legitimate software download websites. Android/Clipper.C have both grown from their previous attempts at modifying wallet addresses. Metamask is clearly the influence of this version in an attempt to fool the users into downloading what they think is the real app. The report goes on to add:
“We spotted Android/Clipper.C shortly after it had been introduced at the official Android store, which was on February 1, 2019. We reported the discovery to the Google Play security team, who removed the app from the Store.”
For those that don’t know what Metamask it, as it says on their website, it is “a bridge that allows you to visit the distributed web of tomorrow in your browser today.” This allows you to run Ethereum dApps right in your browser without running full Ethereum node.
It’s important to say that there isn’t a mobile version of Metamask and it is only available as a browser plugin for Firefox and Chrome. The methods used to pilfer cryptocurrency are becoming smarter and more sophisticated although this one is an exception.
It is becoming a lot clearer that users are no longer able to rely on the screening processes for the big app stores and play stores.