Four fake cryptocurrency wallet applications have been found on Google Play Store that were trying to steal user data. The discovery is credited to Lukas Stefano who is a Malware Researcher.
The applications were providing support for storing NEO, Tether and an extension for Ethereum (ETH) known as Metamask. However, the main use for the applications was to phish user bank credentials and credit card data.
Stefano classified these wallets into two types, phishing wallet and fake wallet where the Metamask extension was a phishing one and the NEO and Tether wallets were fake. Once installed the Metamask extension would ask for tthe user’s wallet private key and password if launched. The surprising thing here is that the applications have crossed 1,000 installs since October.
The fake crypto wallets reportedly did not create a new wallet through generating a public address and a private key — which are needed to securely send and receive digital currency — but only displayed the attacker’s public address with no user access to the private key. Thinking that the app generated their public address, users would deposit their funds to that wallet, but were unable to withdraw them as the private key belonged to a cybercriminal.