The ESET security team that found the two fake crypto apps also found an “overlap in code and interface” between the apps.
Both apps have been removed from Google Play. The app posing as a Trezor app could have been the less harmful of the two, as Trezor wallets are cold wallets that require the user to physically authenticate using a PIN and seed phrase. However, the researchers noted in their post that the app could be used to gather sign-in information from Trezor users.
“We have reported the fake Trezor app to Google’s security teams and reached out to Trezor about the publication of this blogpost. Trezor confirmed the fake app did not pose a direct threat to their users. However, they did express concern that the email addresses collected via fake apps such as this one could be later misused for phishing campaigns targeted against Trezor users.
At the time of writing, neither the fake Trezor app nor the Coin Wallet app are available on Google Play.”
The Coin Wallet app posed a greater risk to users, as it presented itself as a wallet app where users could store their crypto. Coins deposited through the app would have been sent to the scammer’s address. Both fake apps used the exact same server address.
“The Coin Wallet app and the fake Trezor app described in the previous section have a lot in common – besides using the same server, they also overlap in code and interface. The Coin Wallet app uses the same icon that we have seen in the fake Trezor app after installation.”
If bitcoin continues its growth trend, we can expect more cryptocurrency scam apps to emerge in the official Android app store and elsewhere. When installing apps, it is important to stick to some basic security principles – even more so when money is at stake.
Featured Image: AndroidPIT