Fake MetaMask App Containing Malware Pulled From Google Play Store

  • After the tip-off from the Eset researchers at the beginning of the month, Google removed the app impersonating MetaMask from their store.
  • The malware known as “Clipper” could intercept the content of the clipboard, and if recognised as an address of a cryptocurrency wallet, change the content with an address belonging to the attacker.
Fake MetaMask App Containing Malware Pulled From Google Play Store After Tip-Off

New app impersonating MetaMask was found on the Google Play store containing malware capable of replacing victims’ wallet addresses, the cybersecurity company Eset reported on Feb. 8.

After the tip-off from the Eset researchers at the beginning of the month, Google removed the app impersonating MetaMask from their store.

The malware known as “Clipper” could intercept the content of the clipboard, and if recognised as an address of a cryptocurrency wallet, change the content with an address belonging to the attacker. The Eset blog post explains:

“The malware’s primary purpose is to steal the victim’s credentials and private keys to gain control over the victim’s Ethereum funds. However, it can also replace a Bitcoin or Ethereum wallet address copied to the clipboard with one belonging to the attacker.”

According to the blog post the malware was discovered on February 1st, 2019 and was reported to the Google Play security team on the same day, who then promptly removed the app from the store.

The malware infested app was impersonating decentralized app MetaMask, which is one of the oldest Ethereum based DApps. MetaMask tweeted in regards of the discovery:

As the tweet suggests, this is not the first time MetaMask had an issue with Google. In July last year the company’s browser extension was pulled down from Google’s Chrome Web Store for around six hours before being restored. 

A subsequent post from MetaMask revealed the action was an error on Chrome’s side. Even though a mobile app version of MetaMask was announced last year at Devcon, a product for mobile devices is yet to come.

Discussion
Related Coverage
Google Play Store to Allow NFTs in Apps and Games
  • The Google Play store has changed its policy on digital assets, and will now allow developers to incorporate NFTs into their apps and games on the platform.
  • Publishers will have to follow certain rules, however, such as maintaining transparency regarding the use of NFTs and not allowing gambling in their apps and games.
July 13, 2023, 1:23 PM
google

Shutterstock

MetaMask Wallet Simplifies Direct Crypto Purchases in Nigeria
  • MetaMask expanded its partnership with MoonPay to allow users in Nigeria to buy cryptocurrencies directly from its mobile wallet app and Portfolio dApp.
  • MetaMask noted that the new crypto on-ramp feature will be expanded to other African countries in the coming month, including Kenya, Botswana, and South Africa.
Wyre Places 90% Withdrawal Limit on All Accounts
  • The company noted that it will continue to operate, and that the 90% withdrawal limit will help it better navigate the prolonged bear market.
  • Wyre CEO Yanni Giannaros has transitioned into a new role as executive chairman, while its CRO and CCO, Stephen Cheng, is taking the role of interim CEO.