ESET researchers have detailed on a campaign where hackers are looting the cryptocurrencies of unsuspecting people, by stealing their wallets’ seed phrases.
They noted the campaign leverages clones of prominent apps involved in cryptocurrency, which are infested with data stealing trojans. Hackers are seen going to an extent of advertising their malicious clone apps in legitimate sites, just to lure people and steal their cryptocurrency balances.
Malicious Clones of Legitimate Cryptocurrency Apps
Scams in the cryptocurrency space is on a constant rise. And this is due to the lack of understanding of how this field works, and also the basic security measures that needs to be followed by noobs. But since fresh traders jump in skipping all these important steps, they quickly become the victims of any sophisticated hacker.
And the ones from ESET’s findings are one among such. As per its We Live Security blog, ESET noted a campaign it’s been tracking since the beginning of 2021, where a hacker (or a hacking group) has been targeting unsuspecting crypto freshers.
They’re running a campaign which includes distributing “dozens” of fake Android and iOS apps that looked like legit crypto wallets, like Coinbase or Metamask. They’re said to carry trojans that steal data from victim’s device and send to hacker’s C2.
The campaign is so carefully planned that, hackers craft the maliciously cloned apps with expected working features, and distribute them on legitimate sites! Checking up their integrity is hard, as they often hide the offending code somewhere within.
The hackers go so far to gain the trust of people that, they even reach through middlemen found on Telegram and Facebook. All this is to obtain the seed phrases of victims cryptocurrency wallets, and steal their valuables within.
The campaign is primarily targeted at Chinese users, but researchers found more than a dozen variations on one of the malicious apps on The Play Store alone. So, it’s advised to install only apps from legitimate sourced like Apple’s Appstore and Google’s PlayStore with Play Protect on.
Other Trending News:- News