Cryptocurrencies have recently experienced a phenomenal surge in prices commensurate to that witnessed in late 2017. Everyone is eager to get a piece of the crypto pie. Although mobile apps in the crypto scene have enhanced positive numerous transactions, they have also created an avenue for cybercriminals to scam unsuspecting customers.
For the past few months, attackers have capitalized on the high Bitcoin prices to scam users by using fake apps. To make matters worse, users are not able to distinguish counterfeit apps from genuine ones.
Trezor Mobile Wallet
This was spotted as a phishing app recently by users
on Reddit. This application became live on May 1 this year as an attempt to
impersonate Trezor, a known genuine crypto
wallet. The fake app which listed its creator as “Trezor Inc” could easily pass
as legitimate due to its captivating images and high search rankings on Google
Play. But there are several details that gave it away. First off, the symbol on
Play Store did not look like the one displayed on users’ screens upon installation.
Similarly, the application had a generic login page that lacked Trezor`
branding.
The page would essentially harvest users` credentials and direct them to the spammer’s server. Thanks to multiple security walls, however, the fake version hasn’t caused serious damage yet. You need a unique PIN code and recovery seed to get coins stored in the wallet.
The legitimate app, “TREZOR Manager,” also has similar features. Even so, you can’t rule out the possibility of fraudulently using login details in the future. Besides, the fake version was linked to another app called “Coin Wallet” which could be used to swindle cash from unsuspecting users. Though they have since been cut from Play Store, the apps had already been downloaded by thousands of innocent users.
Coin Wallet App
Although the name indicated on the site is “Coin Wallet,” it was also found on the Play Store from February 7 to May 5, this year as “Coin Wallet – Bitcoin, Ripple, Ethereum, and Tether.” Despite claims of being available on Apple’s App Store, following the link displayed on the site only leads you to PNG images. This app has several common characteristics with the counterfeit Trezor wallet.
In addition to sharing a server, they have overlapping
interface and code. What’s more, both were developed from a $40
online template. With the words “World’s leading Coin Wallet” on its site, this
application claims to provide users with a platform to develop wallets for
different crypto coins. But it only tricks you into sending cryptocurrency to
the fraudsters’ wallet.
The scammers achieve this by providing users with an address
to transfer their coins. Unbeknownst to them, the wallet address is owned by
attackers who hold the private key for the coins. Another red flag is giving all
users a similar wallet address yet the app claims to support 13 individual currencies.
22 Apps containing
Malware
This is not the first time crypto apps are being
counterfeited. On 6th June 2019, Lukas Stefanko reported 22
apps containing malware on his Twitter page. The Malware Researcher at ESET
discovered the sketchy apps on Play Store. They were posing as online wallets
for Tether, NEO, and extension to Ethereum (ETH), MetaMask.
Stefanko classified these apps into two groups. In the first category, users were requested to provide their crypto wallet password together with the private key as seen with the counterfeit MetaMask app. The second group comprised of fake wallets that didn’t make an additional wallet by producing a private key with a public address. Instead, they only showed the scammer`s public address without allowing users to acquire the private key.
This gave users the impression that the app had already
generated a public address for them to deposit their coins. Unfortunately, users
couldn’t withdraw their funds because they didn’t possess the private key. All
the apps were built using Drag-n-Drop technology. This poses a threat to crypto
security because individuals with no coding experience can develop similar
apps.
How to Protect Your
Coins
Even though the fake apps are no longer available on Google Play, you can’t rule out the possibility of similar scams in the future. As such, there’s a need to exercise caution when dealing with cryptocurrencies online. Below are safety measures you can employ to protect your funds.
- Update Your Software
Ensure both your wallet and device software are up to date. Apart
from boosting performance, software updates protect your personal data from malware
and keeps hackers at bay by patching security holes. Though automatic updates
allow timely access to newer software versions, it’s prudent to disable them when
dealing with crypto apps. Not downloading the application immediately after
release provides time for other users to sample the newer version and check
whether it has bugs.
- Use Trustworthy
Antivirus Software
Hackers will use malware to acquire sensitive information
such as wallet addresses and passwords. That is why it is crucial to find legitimate
antivirus software. Generally, paid software’s are stronger than free
alternatives. Even so, a subscription fee does not guarantee security. In
addition to coming from a reputable source, make sure the antivirus system is easy
to use and has an available support team.
- Only Use Apps From the Official Service
Provider
You can distinguish an original app from fakes ones by identifying
the publisher. Since stores bar multiple developers from using the same name, scammers
try to appear authentic by adding spaces and characters to the title.
What’s more, genuine apps have the publisher’s domain and provide
detailed explanations of how it functions. You could also look at when the app
was published. Counterfeit apps have a recent date and rarely contain any updates.
In the case of apps offering shopping discounts, ensure you visit the official
website to confirm the details.
- Don’t Click on Suspicious Links
Phishing campaigns can take the form of ads and requests to upgrade your password. Thus, avoid links from instant messages and random emails unless they are from trusted sites. To be safe, ascertain domains are not attached to extra subdomains. Similarly, trusted sites are formatted as “https” and contain a padlock symbol at the far left. You could also view the site’s certificate details or check for any spelling error in the address.
Final Thoughts
Research is critical when making crypto-related decisions. A blind uninformed decision could not only give away your personal details but could also result in loss of funds, thus great care should be employed.
Featured image via BigStock.