These Google Play apps tried to steal cryptocurrency

Two apps on the Google Play Store have been identified that were trying to steal cryptocurrency. They were actually disguised as cryptocurrency apps, but actually had malicious intent.

The researchers who identified the app said one of them didn’t work as intended, but the other was designed to steal crypto assets. That said, the two were actually connected together.

These two applications actually impersonated another app — Trezor, which is a legit hardware cryptocurrency wallet. While the apps weren’t able to steal cryptocurrency housed by Trezor, it did attempt to deceive its downloaders into turning over login credentials, where the cryptocurrency of a victim would then be transferred into the attacker’s own wallets.

Surprisingly, the app actually appeared trustworthy, even coming up as the number two search on Google Play when you searched for “Trezor.”

ESET, the research and security firm that found this, contacted Google immediately, and the apps were pulled the next day.

These apps have actually been on the Google Play Store since February 25. It is unknown if the apps were successful in stealing crypto assets.

source: ESET

Photo of author

Brad Coleta

Brad Coleta is a passionate reporter for The Droid Guy, covering all aspects of mobile, gaming, software, apps, and services. He graduated from the University of Rochester in New York with a degree in Electrical and Computer Engineering. When he's not reporting, he's a huge fan of the New York Giants and Yankees. But what might surprise you is that he also enjoys reading Manga during his down time. Brad is a dedicated reporter, always looking to tell the stories of the tech world. Contact me at Email or LinkedIn

Posts you might like