ESET uncovered a scheme to steal cryptocurrency from wallets on Android and iOS


ESET Research analysts have described a sophisticated scheme for stealing cryptocurrency from mobile wallets on smartphones running the two most popular mobile operating systems, Android and iOS.

ESET Research reports that since May 2021 the company’s experts have identified dozens of trojanized mobile wallet applications for Android and iOS that are used to steal cryptocurrency.

ESET experts found that the authors of the malicious code carried out an in-depth analysis of the legitimate applications they abused in the scheme. This allowed them to inject their own code into inconspicuous, hard-to-find places while the modified applications fully retained their original functionality.

“These malicious applications pose a threat because some of them send the victim’s secret seed to the attacker’s server using an insecure HTTP connection. This means that the funds of the victims can be stolen not only by the operator of the scheme, but also by any attacker monitoring the same network. We also found 13 malicious apps impersonating the Jaxx Liberty wallet. These applications were available in the Google Play Store,” says ESET analyst Lukáš Štefanko.

According to ESET Research, the malicious applications are distributed through fake websites that almost exactly imitate the official sites of popular crypto wallets such as Metamask, Coinbase, Trust Wallet, TokenPocket, Bitpie, imToken and OneKey.

Analyzing the channels used to promote the fake applications, ESET Research notes that promotion also takes place through misleading advertising banners and articles placed on supposedly official sites. Advertising offers on social networks should be evaluated critically, since the attackers also recruit intermediaries through Telegram and Facebook groups to further distribute the malicious applications.

Based on circumstantial evidence, ESET suggests that the source code of this new threat was published on several Chinese websites, which contributed to the spread of trojanized cryptocurrency wallet applications.

Separately, the developers of Ronin Network, the sidechain behind the game Axie Infinity, recently reported an attack in which the attackers managed to crack the private keys and steal 173,600 ETH and 25.5 million USDC.

Source: Bits