Lucas Stefanko, the malware analyst from ESET company who is known for exposures of cryptocurrency scams, has recently detected phishing app on Google’s Play Store, which can enable hackers to steal users’ passwords and other credentials on conventional banking apps and cryptocurrency exchanges.
In a video, Stefanko showed Easy Rates Converter – a malicious app that disguises itself as a simple currency conversion app, but, in fact contains a phishing virus mimicking an Adobe Flash update.
Once installed, the malware waited for users to open conventional banking apps like that of CommBank, or the official apps of cryptocurrency exchanges, like that of Binance. When users opened these affected apps, the malware created “fake activity” that overlayed the legitimate app and prompted users to log in as if it was the legitimate app.
Google has reportedly removed the phishing app from the Play Store upon the receipt of Stefanko’s report. The researcher, in turn, pointed out the importance of reading users’ comments to the apps before installing them:
David got scammed because, he didn't read app comments.
Always go through comments before installing apps – it can save you some trouble.
David downloaded fake app and entered login credentials in, even though there were comments indicating it is a scam already. pic.twitter.com/FoosGpgYef
— Lukas Stefanko (@LukasStefanko) November 2, 2018
Similar malware was detected on Android app store as well. In most cases, these are being discovered by common users, who then try to set up red flags for others.
Despite having banned mining apps early this year, Google, nevertheless, have been overlooking some of them from time to time. Thus, Back in May, a cryptocurrency-stealing malware dubbed Cardano ADA Wallet was discovered on Google Play Store by the same ESET cybersecurity team.
“Mobile devices are not designed, nor optimized to mine cryptocurrency. If you leave a mobile device plugged in while mining cryptocurrency unthrottled, there is a legitimate risk it could lead to physical damage,” – cybersecurity expert Troy Mursch commented on the matter.