Fake MetaMask app hiding clipper malware has been found on Google Play

Hacks • February 11, 2019, 4:00PM EST

UPDATED: December 26, 2019, 4:03PM EST

A fake app containing Android//Clipper.C recently made its rounds on the official Android app store, Google Play, ESET’s WeLiveSecurity reports.

The app was designed to impersonate a real service, MetaMask, which allows users to run ethereum dApps within a web browser, and without a full Ethereum node. Attackers have taken advantage of MetaMask's lack of an Android app and made it look like an official product.

The hidden malware replaced the cryptocurrency wallet address copied to the user’s clipboard with one belonging to the hacker. As noted by ESET, this method has proven effective because users tend to copy and paste their wallet addresses due to their length. In addition to swapping the infected device’s clipboard data, the malware was also able to retrieve the victim’s crypto-related credentials.

The malicious app has been deleted from Google Play shortly after its discovery by ESET’s team.

More by Carol Gaszcz

Scammers send emails impersonating FCA, offering 'guaranteed' cryptocurrency investment opportunity

July 23, 2019, 12:31PM EDT

Bitcoin

49% of Americans have a cash-back credit card, survey shows

July 23, 2019, 11:20AM EDT

The Block

Bitcoin's fourth halving block sees additional $2.4 million reward paid as fee

Bitcoin ushers in fourth halving as miners' block subsidy reward drops to 3.125 BTC

FTX investors move to settle with SBF in exchange for information to go after celebrity boosters

IRS releases draft form to report certain crypto transactions

Coin Center criticizes 'unecessary' and 'unconstitutional' stablecoin bill

THE SCOOP

Keep up with the latest news, trends, charts and views on crypto and DeFi with a new biweekly newsletter from The Block's Frank Chaparro