Hackers are using fake apps and wallets to steal your crypto
Cryptocurrency users and enthusiasts are being targeted by malicious actors with fake wallet apps that steal their precious tokens, researchers have found. Cybersecurity researchers from Confiant discovered that some of the world’s most popular cryptocurrency wallets are being spoofed by clones(opens in new tab) that carry malware. Coinbase, MetaMask, TokenPocket, and imToken products are among those affected, with the threat actors hainge created apps seemingly identical to the legitimate ones, but with one key difference – they carry a backdoor that’s capable of stealing people’s security phrases. The security phrase, or secret key, is a string of words used to recover, or load, an existing wallet into the new app. People use it when they forget their passwords, install the app on a new endpoint, or otherwise need to load a wallet on a different device.