Mobile users have another malware alert this week, and this one is in disguise as crypto wallets on the App Store and is capable of stealing your money. With crypto apps becoming popular over the past year, attackers have found an ideal target to use and lure users. As per the security report from ESET, the malware-infected crypto apps have been discovered in Android and iOS app stores.
The report says attackers are eyeing any user with a smartphone using English as their language, which could be millions in numbers, to be honest. The researchers first heard about the malware-ridden wallets in May last year.
The sophistication of this attack did catch the ESET researchers by surprise, who became aware of their intentions after a different modus operandi was used to attack Android and iOS users. For Android, ESET says, the attackers targeted anybody who is new to the world of crypto wallets. The design of the malware within the app meant users or the Play Store unable to detect any malicious nature of the app, and let it pass through the download process. With iOS, things were smartly handled.
The malicious app could be installed along with the original crypto wallet app. The malware allows the attacker to get access to the back codes of the device and allows them access to details that can easily let them steal money from the devices.
In addition to this, ESET researchers discovered 13 fake wallets that were listed on the Google Play Store, again raising concerns about the app security policy. Apple is more stringent, but this report suggests that App Store could use further supervision of the apps making their way to the store in the future. Crypto is really big, and people are understandably keen on trying their luck or investing in digital assets.
But as always, we want users to be careful while downloading apps. Android users should avoid downloading apps from third-party sources or any website link sent through an unreliable sender.