Decentralized app () MetaMask is facing fresh problems from after impersonating the tool appeared on Google Play, cybersecurity company Eset Feb. 8.
The malware, which replaces computer clipboard information in an attempt to steal cryptocurrency, was removed by at the beginning of the month after a tip-off from Eset researchers.
Known as a ‘Clipper,’ the malware replaces copied cryptocurrency addresses with an address belonging to an attacker in the hope funds will be sent elsewhere without the user noticing.
The discovery marked the first time such malware had made it past Google’s vetting procedures, the security firm notes.
“The clipper we found lurking in the Google Play store, detected by ESET security solutions as Android/Clipper.C, impersonates a legitimate service called MetaMask,” Eset explained, continuing:
“The malware’s primary purpose is to steal the victim’s credentials and private keys to gain control over the victim’s Ethereum funds. However, it can also replace a ₿itcoin or Ethereum wallet address copied to the clipboard with one belonging to the attacker.”
MetaMask, which is one of the oldest Ethereum ()-basd DApps, has fallen victim to malicious schemes before.
In July last year, Google developers from Google Play altogether, leaving only fake impersonations. A subsequent report from MetaMask revealed the action had occurred by mistake.
In November, MetaMask its plans to launch a mobile app, which ended up being the target of the latest malware issue.
Published at Mon, 11 Feb 2019 09:06:00 +0000
