wry Posted February 11, 2019 #1

Attention Android Users! (like me!)

The bad guys keep getting cleverer and cleverer! A fake MetaMask App in the Google Play Store was found over the weekend. How the bad guys got their malicious code past the people, well probably just algorithms, at Google has not yet been explained. However, what is sure is that an app that, if downloaded, would hijack your send-to addresses was exposed. The news story didn't say how many times it had been downloaded, which would be nice to know.

I'm really upset at how the bad guys seem to be staying one step ahead of industry players such as Google. I have an Android phone and have downloaded many apps from the Play Store. While I'm smart enough not to keep that much crypto on something I carry around everywhere, not everyone has that luxury. Google should be ashamed. I also have to hand it to the bad guys, I figured the app would be called something stupid like FREBTC4U but it actually had a legit name.

Be careful out there!!

Link to the story: https://www.coindesk.com/fake-metamask-app-on-google-play-store-hosted-crypto-malware
Link to blog post detailing how it worked: https://www.welivesecurity.com/2019/02/08/first-clipper-malware-google-play/
irawk0 Posted February 11, 2019 #2

Wow, nothing is safe in this day and age it seems. I like that last comment in the news article which asks users to double check copied addresses, which I already have a habit of doing. It takes merely a few seconds to verify even the last 4-5 characters of an address, which is extremely worth it. As to the app, I'm really thankful I don't use mobile for crypto-related things lol
awesomeaf Posted February 11, 2019 #3

45 minutes ago, irawk0 said: I like that last comment in the news article which asks users to double check copied addresses, which I already have a habit of doing. It takes merely a few seconds to verify even the last 4-5 characters of an address, which is extremely worth it.

There is also this extension: EtherAddressLookup, which adds links to strings that look like Ethereum addresses to your favourite blockchain explorer. It also tries to protect you from being phished by checking a domain blacklist that is constantly being updated. EAL will also show you a popup container (non-intrusive) detailing the ETH balance of an address, the number of transactions going OUT, and if the address is a smart contract. You can also add labels to addresses which will show in the popup container. You can find it easily by searching "EtherAddressLookup" on Google, or in the Google Play Store.
irawk0 Posted February 11, 2019 #4

1 hour ago, awesomeaf said: There is also this extension: EtherAddressLookup, which adds links to strings that look like Ethereum addresses to your favourite blockchain explorer. It also tries to protect you from being phished by checking a domain blacklist that is constantly being updated. EAL will also show you a popup container (non-intrusive) detailing the ETH balance of an address, the number of transactions going OUT, and if the address is a smart contract. You can also add labels to addresses which will show in the popup container. You can find it easily by searching "EtherAddressLookup" on Google, or in the Google Play Store.

Umm... after this news I'm not even going to touch any apps/extensions/whatever that's even remotely related to crypto... call me paranoid 😛
polor12 Posted February 11, 2019 #5

To really improve security for crypto they need these crooks... without them finding the ways to bypass or find open gaps... that developers didn't find or never thought a situation like the one that's mentioned would ever occur... keeps developers on their toes to counter it... nothing is perfect, there's always something wrong... so in a way they are helping out...
wry Posted February 11, 2019 Author #6

58 minutes ago, irawk0 said: Umm... after this news I'm not even going to touch any apps/extensions/whatever that's even remotely related to crypto... call me paranoid 😛

Yes, this is my reaction as well. Some of these efforts, Electrum wallet phish, Bitpay wallet hack, exchanges getting hit, are all very disconcerting.

@polor12 while your point is well taken, I would greatly prefer if the bad guys were stopped BEFORE they hit us. I agree that every met attack is a win for crypto, but the constant drip drip drip of bad news undermines support for the technology.

It really is like the medieval times and you have to have a strong castle or the bad guys will easily take all your stuff. (I always think about The Hound taking the farmer's silver in Game of Thrones after agreeing to protect him!)
carbesti Posted February 12, 2019 #7

Do you think it can compromise 2FA apps installed on mobile? i.e. Google Auth or Authy?
williamshennie9 Posted February 12, 2019 #8

With all the scams out there, I am seriously considering getting a hardware wallet. It seems my coins will be much safer there.
Kate Posted February 12, 2019 #9

That's why I hate Google Play Store, they don't do checking of anything and I know this. I made an app and tried releasing it in the Play Store and it cost around $25 for it to get listed and without hesitation or approval the app was, voilà, there in the Play Store, but for iOS it took me 3 days for it to get to the App Store. They should really increase security for Play Store. I hope the victims didn't lose a lot of money.
polor12 Posted February 12, 2019 #10

Remember those hackers a few years back that hacked into the United States top secret FBI files etc.. rumors were spreading those hackers now work with the FBI.. and that movie Catch Me If You Can.. which was based on a true story.. that guy works for the U.S. Treasury and FBI... all these were crooks.. but also developers to me.. want to see if anyone can find a flaw in their program... there is a saying, gotta lose money to make money... so if it's worth it for the crooks to take what's not theirs to expose the flaw... it's worth it to the developers and customers... I know it's hard to agree with that.. but nothing's perfect.. and the crooks are the imperfections of society..
barbaris Posted February 13, 2019 #11

Unfortunately, nothing will save you from hackers, because they are always one step ahead and nobody fights with them. Even the most protected are in danger.
skillex Posted February 25, 2019 #12

On 2/12/2019 at 2:08 AM, wry said: Attention Android Users! (like me!) The bad guys keep getting cleverer and cleverer! A fake MetaMask App in the Google Play Store was found over the weekend. How the bad guys got their malicious code past the people, well probably just algorithms, at Google has not yet been explained. However, what is sure is that an app that, if downloaded, would hijack your send-to addresses was exposed. The news story didn't say how many times it had been downloaded, which would be nice to know. I'm really upset at how the bad guys seem to be staying one step ahead of industry players such as Google. I have an Android phone and have downloaded many apps from the Play Store. While I'm smart enough not to keep that much crypto on something I carry around everywhere, not everyone has that luxury. Google should be ashamed. I also have to hand it to the bad guys, I figured the app would be called something stupid like FREBTC4U but it actually had a legit name. Be careful out there!! Link to the story: https://www.coindesk.com/fake-metamask-app-on-google-play-store-hosted-crypto-malware Link to blog post detailing how it worked: https://www.welivesecurity.com/2019/02/08/first-clipper-malware-google-play/

What bad news. This is really alarming. You are right, Google should be ashamed and should take double action on this for us customers to still have faith in them. Before, I really thought that all apps in the Google Play Store were really safe, but after this incident I will really be extra careful. Thanks for sharing this news.
KiXxnTRiXx Posted February 25, 2019 #13

hmmm.. when on my phone, I do use an Android but do not really use apps or any extensions other than the normally used and the ones I have already been using before like Coinbase, Google Auth and nothing that really has anything to do with crypto, so I think I am ok?.. I always have that sort of situation as a possibility in the back of my mind whenever I am downloading or installing any applications or extensions for anything, to be honest! Especially on Android, since mine is always rooted...
skillex Posted February 25, 2019 #14

6 hours ago, KiXxnTRiXx said: hmmm.. when on my phone, I do use an Android but do not really use apps or any extensions other than the normally used and the ones I have already been using before like Coinbase, Google Auth and nothing that really has anything to do with crypto, so I think I am ok?.. I always have that sort of situation as a possibility in the back of my mind whenever I am downloading or installing any applications or extensions for anything, to be honest! Especially on Android, since mine is always rooted...

Wow.. that's nice that you're rooted, you can just easily tweak your device if ever there's an exploit. You're not a fan of Android games also?
wry Posted February 25, 2019 Author #15

6 hours ago, KiXxnTRiXx said: hmmm.. when on my phone, I do use an Android but do not really use apps or any extensions other than the normally used and the ones I have already been using before like Coinbase, Google Auth and nothing that really has anything to do with crypto, so I think I am ok?.. I always have that sort of situation as a possibility in the back of my mind whenever I am downloading or installing any applications or extensions for anything, to be honest! Especially on Android, since mine is always rooted...

Yes, I've come to agree with your point of view, the fewer crypto apps on my phone the better. No reason to risk anything for what are essentially dust amounts of crypto or information that is easily available elsewhere.

Stay Smart! Stay Safe!
bmg Posted March 6, 2019 #16

I am glad that I don't download many crypto apps. This is just another bad thing to add to the "don't trust random apps" list. I sure hope that the security gets a little better on these things soon.
nhoyasim101 Posted March 6, 2019 #17

Seems like those bad guys are really wrecking crypto. Hope people behind this wrongdoing DIE now. Thanks for the info ✌️
Shaniqua Posted March 6, 2019 #18

On 2/11/2019 at 8:39 PM, williamshennie9 said: With all the scams out there, I am seriously considering getting a hardware wallet. It seems my coins will be much safer there.

That's probably a good idea, especially if you own some coin... personally I don't and never have much at all at one time, so hardware wallet or not, won't matter to me.. but that is crazy that apps can even steal your coins! how to be safe =O
KharmaBetz Posted March 6, 2019 #19

On 2/12/2019 at 2:20 AM, DarkBlood069 said: For those who are new to crypto and being hacked because Google Play can't meet standards is a big shame on them. Looks like they are not to be trusted since they can't protect users. You would have thought a big company like Google Play would cover any sort of leaks. To find that hackers are one step ahead is just awful. My condolences to those who lost any crypto. After hearing this, I'm going to remove all my apps regarding crypto on my phone to stay protected. Shocking news indeed, thanks again wry for the insightful news!

Google seems to be having a lot of issues lately in regards to malicious applications being in the app store, but this is a little too much being put to blame on Google, I think. Sometimes the evil dev is very sneaky, they release a clean useful app as the first version for application to the Play Store.. they wait a few months, gain some positive reviews and trusting users, even release some clean updates! But then, one day out of the blue the app starts to record all your passwords and sends them back, live as you submit them, to a command-and-control server obviously not controlled by you. Only a few lines of code needed to be changed, but the thing is Google is a lot less strict once an app gets approved for entry into the store.. The apps are scanned nightly by App Guard or whatever but it is only an algorithm (first submission approvals are done by a human, or at least they used to be) and it is a lot easier to sneak malicious code past a bot, especially if the majority of the malicious code is coming from the C&C server.. all they have to do is add some code that communicates with the remote server and the remote server sends back commands to the app and boom, cha ching💰 cha ching💰 but not for you.

This happens anywhere, almost everywhere. Ever looked over all the breaches on HaveIBeenPwned? Or worse, set up your email to receive HaveIBeenPwned alerts? (I don't suggest you do so for an email you've had forever unless you've been using a forwarding service like 33mail with it, otherwise you might just cry or try to ban yourself from the internet once you realize how violated your personal data has become..) It also highlights the importance of using a Password Manager and making sure you never ever ever reuse a password anywhere.. [ and no, the password manager in your browser is NOT secure and will not suffice, in case anyone is wondering ]

But for example, even open source software available on GitHub has maliciously violated user trust. There is nothing guaranteeing that the code used in the app/program is the same code pushed to the repository unless you can reverse engineer it or build it yourself from the source in the repo... There have been cases of malicious devs using GitHub and saying their program is open source, knowing this allows many users to put their guard down. I know I was guilty of trusting GitHub repos without question before.. but not anymore..

Browser extensions, surprisingly though, there seems to be a tougher review process that goes on when an extension updates.. but Chrome has one safety feature that I am thankful for here. Whenever an extension updates and asks for a change to permission, Chrome will disable the extension until the user accepts or declines the permission request. However, if you didn't know this was a safety feature it may be less useful to you, as most users just blindly accept everything in their path anyways.. but loaded with this knowledge beforehand.. when MEGA, the cloud storage service, recently had its Chrome extension compromised I was able to save myself from being keylogged because I knew that they weren't in the development of any new features that would require them to need extra permissions than before.. Turns out, the hacker compromised one of the dev's Chrome Store accounts, using a phishing scheme becoming popular with 2FA enabled accounts, and was able to release an extension update without anyone being suspicious at all, because Chrome just automatically updates extensions and only disables them or even bothers the user if the extension needs different permission access than before.. Some smart users questioned the permissions and combed through the newly pushed code and found the malicious changes.. it was live for approx 6 hours, 3 hours of that time was the team waiting for Google to take it down!

The only reason this looks bad on Google is because Google is so big, but they are not immune.. Many sites you assume are safe only fly under the radar for YEARS when things like this happen to them because no one is watching them like a hawk like we watch Google. Just like any developer or any piece of software, bugs happen which can open the door to vulnerabilities.. not only do they allow the developer to learn and improve, they also should be teaching us consumers how to better protect ourselves.. But sadly we only seem to be getting dumber in that regard. I mean, who should be responsible for protecting us and our assets and who should we trust to do it?? OURSELVES ONLY! We shouldn't even have governments or anybody that we feel is above us in power, civilization sure made a wrong move during that meeting.. 🤣

Want more security tips? Of course not, you can move along...

BACKUP YOUR WALLET MNEMONIC PHRASES!! And people keep saying to store them offline only but this is why people end up losing their coins.. Start using a password manager today to store all your passwords and store recovery seeds in it as Secure Notes. I suggest LastPass, the most features and devices for absolutely free. Used them going on 4th year now, never had any problems, and never forgotten a password, and I've restored my wallet twice needing to find the phrase from my password manager, so trust me when I say.. STORE IT THERE! Make sure your master password to LastPass is a word or phrase you would remember even if you didn't touch the internet for a year.. When it comes to storing your recovery seeds, a hacked phrase is just as good as a lost phrase to you, so why not give yourself a fighting chance of recovery.

Hey, people who use a password manager swear that we should never store our phrases in them because if they are online there is a chance of them being in the wrong hands.. but ya know what, my password manager has all my fiat banking info and many other personal details - they'd get a lot more value going after that than they would the value of my crypto wallet.

This has been another installment of "Those Unpopular Opinions" brought to you by KharmaScribbles n Betz..

*remember, it's just my opinion and I'm never directing anything at one person specifically. I don't purposely offend. Never take me seriously and don't be fooled, I love seeing different points of view! I just openly share my thoughts and try to teach the world through my journeys.
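The Chrome safeguard described in the post above (an update that asks for changed permissions disables the extension until the user decides) can be approximated offline by diffing two versions of an extension's manifest.json. This is an added example, not part of the original post or of any project named in it; both manifests are constructed samples, `requestedAccess` and `diffAccess` are hypothetical helper names, and the check flags every newly requested entry, which is stricter than Chrome's own warning rules.

```javascript
// Added example: list what a newer manifest.json asks for that the older
// one did not. Works on Manifest V2 ("permissions" holds API names and host
// patterns) and V3 ("host_permissions"); content-script match patterns are
// included because they also grant access to pages.

// Host patterns that give an extension access to every site.
const BROAD_HOSTS = new Set(["<all_urls>", "*://*/*", "http://*/*", "https://*/*"]);

function requestedAccess(manifest) {
  const out = new Set();
  for (const key of ["permissions", "host_permissions"]) {
    for (const p of manifest[key] || []) {
      if (typeof p === "string") out.add(p);
    }
  }
  for (const cs of manifest.content_scripts || []) {
    for (const m of cs.matches || []) out.add(`content_script:${m}`);
  }
  return out;
}

function diffAccess(oldManifest, newManifest) {
  const before = requestedAccess(oldManifest);
  const after = requestedAccess(newManifest);
  const added = [...after].filter((p) => !before.has(p)).sort();
  const removed = [...before].filter((p) => !after.has(p)).sort();
  // Newly added entries that reach all sites deserve the closest look.
  const broad = added.filter((p) => BROAD_HOSTS.has(p.replace(/^content_script:/, "")));
  return { added, removed, broad, needsReview: added.length > 0 };
}

// Constructed sample manifests (not taken from any real extension).
const v1 = {
  manifest_version: 2,
  name: "Example Cloud Sync",
  version: "1.0.0",
  permissions: ["storage", "https://cloud.example/*"],
};
const v2 = {
  manifest_version: 2,
  name: "Example Cloud Sync",
  version: "1.0.1",
  permissions: ["storage", "https://cloud.example/*", "webRequest", "<all_urls>"],
  content_scripts: [{ matches: ["*://*/*"], js: ["content.js"] }],
};

console.log(diffAccess(v1, v2));
```

An update that adds nothing to this list installs silently, so a clean diff only says the permissions did not grow, not that the code is unchanged.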
675675 Posted September 25, 2019 #20

On 2/12/2019 at 2:22 AM, carbesti said: Do you think it can compromise 2FA apps installed on mobile? i.e. Google Auth or Authy?

perhaps
Sheva27 Posted September 25, 2019 #21

It is becoming more and more dangerous to store cryptocurrency in applications.
Buxlobai Posted September 26, 2019 #22

I'm just shocked! And why does Google never check applications? They do cunningly write that they do not bear responsibility, and try to prove later. This corporation is already starting to annoy!
Dimitris09 Posted December 30, 2019 #23

There is also this extension: EtherAddressLookup is very easy and safe in my opinion.
tae40127 Posted December 30, 2019 #24

it like a story that name casper antivirus that make a people who download that apps when use copy paste it will change the address that send the crypto in btc to the apps btc address when who send btc it or xrp it will change that the user will not recheck but I ever be the victim of that app but it my luck I never send large value cause am a newbie in crypto so let it be but if I send large amount I will find the owner of that apps and kill them all family haha
KURTAULI Posted January 31, 2020 #25

I never trusted Android apps. If you have cryptocurrencies you need to keep them in a cold wallet to keep your investment safe. Android is open source, which means there is always a danger.
This topic is now archived and is closed to further replies.