Feb 13, 2019 06:30 UTC

| Updated:

Feb 14, 2019 at 05:18 UTC

Fake MetaMask Crypto Malware Hijacks Clipboard To Steal ETH

By Kapil Gauhar

Malware designed to intercept and replace virtually-copied crypto addresses with those belonging to hackers has been found in the fake MetaMask app available until recently on Google Play.

As indicated by cybersecurity firm, WeLiveSecurity, the malicious app, “Android/Clipper.C” was, “…spotted shortly after it was introduced at the official Android store, which was on February 1, 2019.”

The firm says that it reported the infected app to Google Play, and it has been removed from the platform now.

In the meantime, any user who mistakenly downloaded the malicious Ethereum “MetaMask” app, may have had their crypto sends and receives compromised –

“For security reasons, addresses of online cryptocurrency wallets are composed of long strings of characters. Instead of typing them, users tend to copy and paste the addresses using the clipboard. A type of malware, known as a ‘clipper,’ takes advantage of this. It intercepts the content of the clipboard and replaces it surreptitiously with what the attacker wants to subvert. In the case of a cryptocurrency transaction, the affected user might end up with the copied wallet address quietly switched to one belonging to the attacker.”

The malware’s presence on Google Play Store was reportedly new –

“This dangerous form of malware first made its rounds in 2017 on the Windows platform and was spotted in shady Android app stores in the summer of 2018. In February 2019, we discovered a malicious clipper on Google Play, the official Android app store.”

Malicious apps copying MetaMask, designed to run Ethereum decentralized apps in a browser, without having to run a full Ethereum node, are not new –

“Several malicious apps have been caught previously on Google Play impersonating MetaMask. However, they merely phished for sensitive information with the goal of accessing the victims’ cryptocurrency funds.”

Crypto users are recommended to always double check the crypto addresses, whether copying-and-pasting them or not. Because, one mistake in the long alphanumeric addresses will result in the crypto tokens either failing to send or being miss-sent.

Kapil Gauhar

Kapil Gauhar is the founder of Blogger’s Gyan. He is a Passionate Blogger, a Big Thinker and a Creative Writer. His passion for doing friendship with words and letting people know about the wonders of the Digital World is what motivates him to take writing as a career.

Related Posts

Staking crypto- Quick Tips for Beginners to Earn by stakingfarm

READ MORE 1 week ago

Wyre, a cryptocurrency payments platform, shuts down due to a bear market

READ MORE 10 months ago

Crypto derangement syndrome’ and the SEC are three issues that Mark Cuban addresses

READ MORE 10 months ago

Democratic Party’s ‘war on crypto’ will lose critical supporters: Twins of Winklevoss

READ MORE 11 months ago

Ex-NFL club owner Reggie Fowler receives a six-year sentence for cryptocurrency “shadow banking”

READ MORE 11 months ago

Tornado Cash sanctions are still being fought against by cryptocurrency activists

READ MORE 11 months ago

A new version of Bitcoin Ordinals is released to address the “Cursed Inscriptions” problem

READ MORE 11 months ago