CyberNews Briefs

First clipper malware discovered on Google Play

Researchers with ESET have found a malicious app designed to steal cryptocurrency in the Google Play Store. The app, which mimicked MetaMask, a legitimate service for running Ethereum-supported applications in a browser, has been removed from the Play Store after the researchers alerted Google.

The app ran a form of “clipper” malware that can manipulate clipboard content. Whenever a victim engaging in a cryptocurrency transaction copies a cryptocurrency wallet address to the clipboard (addresses like this are usually copy-pasted as they are very long), the malware replaces the address in the clipboard with an address owned by the attackers, so that the victim pastes the wrong recipient address into the transaction form, and the threat actors end up receiving the funds instead. Clipper malware has been spotted many times before, but had not yet been found on the Play Store.

Read more: First clipper malware discovered on Google Play

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.