A new Android app has been discovered that uses malware to steal crypto.
Considering that the address of a wallet is usually a long and hard to remember string, as well as tedious to type every time, when one uses their crypto wallet they often tend to copy and paste it somewhere, committing one of the most common mistakes of crypto owners.
Hackers know how to take advantage of these mistakes and a new Android app has been discovered that, pretending to be MetaMask, used a malware called ” Android/Clipper. C”.
Basically, this Android app was activated every time the user pasted his address on an online file, thus stealing the wallet’s credentials.
In addition, the Android app was able to replace the original addresses with those of the attacker: since some services obscure the address, it becomes virtually impossible to understand if the right private key has been pasted. The hacker’s addresses have been identified:
BTC address: 17M66AG2uQ5YZLFEMKGpzbzh4F1EsFWkmA
ETH address: 0xfbbb2EF692B5101f16d3632f836461904C761965
The app was also discovered because the services offered by MetaMask are not available through apps but only through browser plug-ins. The app has been promptly removed from the Google store, even if it’s not the first time that the name of MetaMask has been used to create a malicious app, although never at this level of danger.