
Researchers last week found the first Android app on the Google Play store that monitors a device's clipboard for Bitcoin and Ethereum addresses and swaps them for addresses under the attacker's control. This allows the attackers to steal any payments you make without your knowledge that you sent it to the wrong address.
Amalicious Android app called MetaMaskwas added to the Google Play store that pretended to be a mobile version of the legitimate service of the same name.This app, though, was detected by ESET as malicious and when ESET Android security researcher Lukas Stefanko performed an analysis, it was discovered to be stealing a user's cryptocurrencyusing two different attack methods.
The first attack method the app usedwas to attempt to steal the private keys and seeds of an Ethereumwallet when a user adds it to the app. When BleepingComputer analyzed the app's APK file, we found that the app contains information that can be used to send this stolen data to a...(continued)