Four fake cryptocurrant portfolios found on the Google Play Store

The malware researcher Lukas Stefanko found four fake cryptocurrency portfolios on Google Play Store that were trying to steal users' personal data, according to a post published on November 13th.

Apps appeared as cryptocurrency portfolios for NEO, Tether and an extension to access Ethereum (ETH), MetaMask. They are designed to transmit users' mobile banking credentials and credit card information.

Stefanko ranked the portfolios in two groups, in which the fake MetaMask app was a "phishing wallet" and the other three were "fake portfolios". Once the phishing app is installed and launched, it requires the user's private key and password for the wallet.

In a video attached to the blog post, Stefanko explained his research on "fake portfolios", referring to the example of the fake NEO app nicknamed "Neo Wallet", which had over 1,000 installations since its launch in October.

Apparently, the fake cryptographic portfolios have not created a new wallet by generating a public address and private key, necessary to send and receive the digital currency securely, but only to view the public address of the attacker without access of the user to the private key. Thinking that the app had generated their public address, users would have deposited their funds on that wallet, but they were not able to withdraw them because the private key belonged to a cyber criminal.

Stefanko noted that the apps were developed using the Drag-n-Drop app creation service, which does not require user-specific coding knowledge. This means that almost anyone is able to "develop" a simple malicious app to steal sensitive personal data, "once the price of Bitcoin (BTC) increases," according to Stefanko.

The analyst states in the post that reported the fake apps to the Google security team, after which the portfolios were subsequently removed.

Just yesterday, Cointelegraph reported that the official Twitter account of the Google G Suite was allegedly compromised to promote a Bitcoin (BTC) scam. Reportedly, the Scammers spread a message that attracts users to participate in a fraudulent 10,000 BTC giveaway.