Google Hosted Malware App that Steals Cryptocurrency

This malicious Play Store app was designed to steal cryptocurrency deposits

This malicious Play Store app was designed to steal cryptocurrency deposits

Online security firm ESET discovered an app in the Google Play Store (via Ars Technica) that steals cryptocurrency being deposited into online wallets belonging to cryptocurrency users. While such apps were seen by ESET on the Windows platform back in 2017, and on "shady" Android app stores a year ago, this new "clipper" app was discovered in the Google Play Store just this month. While there is a legit website called MetaMask that offers "a secure identity vault, providing a user interface to manage your identities on different sites and sign blockchain transactions", there are only add-ons available for Chrome, Firefox, Opera, and the fearless browser.

Lakers expect Lonzo Ball back after All-Star break
James is averaging 26.9 points per game and is shooting over 50 percent from the floor. Lonzo Ball is happy he's still with the Lakers . "LeBron's hurt, he's getting old".


The first attack method the app used was to attempt to steal the private keys and seeds of an Ethereum wallet when a user adds it to the app. Called "Android/Clipper.C" by researchers, the malware could access and change text on the Android clipboard. As cryptocurrency addresses are composed of a long string of numbers and characters, it is hard to memorize them.

2018 was the fourth warmest year on record
Record levels of man-made greenhouse gas emissions, mainly from burning fossil fuels, trap ever more heat. The warmest year was 2016, followed by 2017, 2015, 2018 and 2014, according to NASA's rankings.


The "clipper" apps replace the correct address on the clipboard with the address of the hacker's own virtual wallet, which means that the victim unknowingly could be depositing his bitcoins into the wallet of an unknown thief. Rather than typing them out, most people copy and paste them using the Android clipboard-something that "clipper" malware uses to its advantage. While this is a legitimate service for running distributed Ethereum apps, MetaMask only offers add-ons for popular browsers; it does not have a mobile application.

Janelle Monae Applauds Jump in Grammy Nominations for Women
Carlile is the most nominated woman with six nominations, including bids for song and record of the year with "The Joke". Portnow announced later in the year that he would not seek to extend his contract, which ends this year.


Unfortunately, there's no full-proof way to detect and avoid malicious apps like this yet. It's also worthwhile to investigate official websites.

Latest News