ESET security alert: Several fake digital currency wallets steal from Android and iOS users

A number of cybercriminals have recently created fake apps that look just like well-known digital currency wallets. These fraudulent applications have so far stolen funds from some users of Android and iOS mobile phones.

ESET, one of the world's leading anti-virus software vendors and service providers, has been tracking a malicious and complex digital currency fraud for some time, according to Tracker. The scheme was launched in May last year (May 1400) and targets users of Android and iOS smartphones.

This scam appears to be the work of a group with a history of online crime, and it relies on a series of malicious applications. These applications are distributed through fake websites to steal bitcoins and other digital currencies from inexperienced users. They are built from popular wallets such as MetaMask, Coinbase, Trust Wallet, TokenPocket, Bitpie, imToken and OneKey.

The people behind this scheme use ads placed on legitimate websites. These ads carry misleading articles that lure the user to fake websites hosting the fake wallet. In addition, these cybercriminals also work through intermediaries in groups on Facebook and Telegram. Although the main goal of the scheme is to steal funds from any user, the security company's research shows that the fraudsters focus mainly on Chinese users. However, as the popularity of digital currencies grows, ESET expects the scope of this fraud to expand to markets in other countries.

The researcher who discovered the scheme is Lukas Stefanko, who gave more details about his work in a press release.

He says:

These malicious applications threaten users in other ways. Some of them send the words to restore the victim's wallet to the attacker's server using an insecure "HTTP" connection. This shows that not only can the perpetrators behind this plan steal the victims' money, but another attacker who has access to this network information may steal their funds. We also found 13 scam applications based on Jaxx Liberty wallets. These apps were once available in the Google Play Store.


Meticulous deception

In May last year (May 1400), ESET security researchers discovered dozens of counterfeit and malicious digital currency wallets.

What sets this scam apart from others is that the malware author has thoroughly analyzed legitimate digital currency applications in order to insert malicious code in places where it is very difficult to detect. At the same time, these criminals have made sure that their fake apps function exactly like the original versions of the digital currency wallets.

Since May 2021, ESET has uncovered dozens of Telegram groups promoting counterfeit versions of digital currency wallets. Since October last year, links to these Telegram groups have been shared in 56 Facebook groups to help the criminals find more distribution partners for their malicious programs. Then, in November 1400, ESET discovered that counterfeit wallets were being distributed on two legitimate Chinese websites.

The behavior of these scam apps differs between Android and iOS mobile phones. On Android phones, the attackers target new users of digital currencies who have not previously installed other wallet applications on their devices. On iOS devices, however, users were able to install the original and counterfeit versions of these wallets at the same time.

Because the source code of this scam has been leaked and shared on several Chinese websites, it could attract other cybercriminals and spread even further.

Consumers who want to start buying and selling digital currencies are advised to download the mobile version of the digital currency wallet only from the official Apple App Store and Google Play Store.
