Security News > 2022 > March > Experts Uncover Campaign Stealing Cryptocurrency from Android and iPhone Users

Researchers have blown the lid off a sophisticated malicious scheme primarily targeting Chinese users via copycat apps on Android and iOS that mimic legitimate digital wallet services to siphon cryptocurrency funds.

The wallet services are said to have been distributed through a network of over 40 counterfeit wallet websites that are promoted with the help of misleading articles posted on legitimate Chinese websites, as well as by means of recruiting intermediaries through Telegram and Facebook groups, in an attempt to trick unsuspecting visitors into downloading the malicious apps.

The trojanized cryptocurrency wallet apps are crafted in such a manner that they replicate the same functionality of their original counterparts, while also incorporating malicious code changes that enable the theft of crypto assets.

The Slovak cybersecurity company said it found dozens of groups promoting malicious copies of these wallet apps on the Telegram messaging app that were in turn shared on at least 56 Facebook groups in hopes of landing new distribution partners for the fraudulent scheme.

On Android, the apps are aimed at cryptocurrency users who do not yet have any of the targeted wallet applications already installed, while on iOS, the victims can have both versions installed.

The investigation also unearthed 13 rogue apps that masqueraded as the Jaxx Liberty Wallet on the Google Play Store, all of which since been removed from the Android app marketplace as of January 2022.

News URL

https://thehackernews.com/2022/03/experts-uncover-campaign-stealing.html