ESET: the first malware crawler on Google Play

Her researchers ESET they discovered the first Android malware which can replace the contents of the clipboard (clipboard) of a device in Google Play. The so-called "clip»Aims at cryptocurrency transactions Bitcoin and , aiming to redirect the transfer of funds to the attacker's wallet instead of to the victim.

"This discovery shows that the clippers, which can redirect crypto amounts, no longer only meet or "suspicious" Android Forums. Now, all users Android they have to be careful, "he comments Closeš Štefanko, Malware Researcher ESET.

The clip recently discovered is detected by the solutions security of ESET as Android / Clipper.C. It malware this takes advantage of the fact that use functions with cryptocurrency transactions, usually not import manually their e-wallet addresses. Instead of them type, users tend to copy and paste paste the addresses using the clipboard. Malware can replace the address of the user with a belonging to the intruder.

The clippers first appeared on pthe Windows 2017. 2018 indeed, ESET researchers found three such malicious applications at download.cnet.com, one of the most popular software hosting sites in the world. In August at 2018, was discovered τthe first Android clip that were sold in hacking forums and ever since, this malware has been detected in many illegally application stores.

Until 2019, Android users who used only the official Google Play app store was completely safe from tα clippers. That changed in February at 2019 when ESET researchers discovered the first clipper at Google Play. «Fortunately, we found this clipper as soon as he appeared on Google Play. We mentioned this in the Google Play security team, which led to the removal of the applicationς From the store», says Lukáš Štefanko.

The clip που they discovered The researchers of ESET on store Google Play mimics a legitimate one service called Dappradar. The Dappradar allows decentralized Ethereum applications to run in a browser without having to run the whole thing the node of Ethereum. It is available with the form extensions only for browsers for desktop with, such as Chrome and Firefox, while din there is a mobile version. ESET

"There seems to be a demand for a mobile MetaMask version. Cybercriminals are aware of this demand and are importing insidious malware that mimics this service in Google Play», Lukáš Štefanko warns.

Also, this older malware that imitates the MetaMask aims in deposits Bitcoin or Ethereum of the user, however, only trying trick the user into entering the wallet address into one false form and thus disclose this sensitive information to the attacker.

«Having installed a clipper on the victim 's device, h Posting cash is easy. Τthe victims themselves send unwittingly moneyα directly to cybercrime» explains Lukáš Štefanko.

By appearance of malware clipper for the first time on Google Play, the users Android should be even more careful and follow best practices for the better safety of mobile their phone.

Γyes to remain safe from clippers and other malware που aim into a Android, η ESET advises their users to:

  • They keep the Android device their up-to-date and to they use a trustworthy solution security for cell phones.

  • Use only official Google Play store for downloading applications...

  • ...controlling however always the official site of programmer of application ή the provider services for This makes it a perfect choice for people with diabetes and for those who want to lose weight or follow a balanced diet. link που leads in official application. If there is nothing relevant, users should consider it suspicious and be particularly careful with any search result on Google Play

  • To scrutinize every step of every transaction related to anything from sensitive information to money. When using the clipboard (clipboard), always check if what they pasted is what they wanted to import.

The indicators IOC (Indicators of Compromise) and more technical details are below article.

The discovery coincides with the conduct of the Mobile World Congress in Barcelona, ​​in which ESET participates. Researcher Lukáš Štefanko will be on the ESET stand and will be available for interviews. ESET will investigate τις θεματικές Machine Learning/Artificial Intelligence, θα παρουσιάσει νέες έρευνες και σημαντικά ευρήματα για την ασφάλεια των κινητών και θα παρουσιάσει τις λύσεις ασφαλείας της από το περίπτερό της (Hall 7, stand 7H41) κατά τη of the world exhibition that will take place on February 25-28, 2019 in Barcelona.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.

Written by newsbot

Although the press releases will be from very select to rarely, I said to go ... because sometimes the authors are hiding.

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).