Google Play Store Caught Hosting Fake Metamask Crypto Malware

Crypto markets may still be way down but malware is on the rise and is still infiltrating the largest app market places on the web.

Google Play Store has yet again been found to be hosting malicious applications designed to steal cryptocurrencies. The malware dubbed Clipper has been discovered by researchers at ESET internet security firm who reported on their findings at the weekend.

The Clipper malware monitors and intercepts the clipboard software which is often used to copy and paste crypto wallet addresses. It modifies the string to that of the attacker so the funds are sent to them instead of the recipient. This crude form of crypto jacking was prevalent a couple of years ago and has now reared its head once again.

Researchers claim to have discovered the malware on Google’s official Android app store and hosted on Cnet, one of the largest legitimate software download websites. Android/Clipper.C has evolved a little from previous attempts at modifying wallet addresses. This version mimics Metamask on Google Play in an attempt to spoof users into downloading what they think is the real app.

“We spotted Android/Clipper.C shortly after it had been introduced at the official Android store, which was on February 1, 2019. We reported the discovery to the Google Play security team, who removed the app from the Store,” the report added.

There is no mobile version of Metamask, it is only available as a browser plugin for Firefox and Chrome. The methods used to pilfer crypto are becoming more sophisticated and although this one was relatively primitive the fake Metamask app did look very authentic.

It is becoming painfully clear that users can no longer rely on the screening processes for these huge app stores and any efforts to eliminate malicious apps are largely reactive.

Last month crypto malware was discovered lurking on movie download websites. This nasty could spoof search engine results populating them with malicious links from an ad injector that came alongside the downloaded movie.

It is also no surprise that Monero is still the top target cryptocurrency for malware designed to steal by hijacking computer processing power to mine. Reports indicate that as much as 5% of the total supply of Monero has been lost to malware.

Browser companies are upping the ante in the fight against crypto-centric malware and Mozilla is the latest to join the battle. As reported by EWN new features for Firefox will protect users from possible fingerprinting and crypto mining malware.