Hackers clone Coinbase, MetaMask mobile wallets to steal your crypto (Security News, June 2022)
In a recent report, Confiant notes that the malicious cryptocurrency apps are identical to the real ones but they come with a backdoor that can steal the users' security phrase for accessing the digital assets.
Confiant analysts reverse engineered the apps to figure out how the SeaFlower authors had planted the backdoors and found similar code in all of them.
For the MetaMask app on iOS, the backdoor code is activated upon generating the seed phrase and before it is stored in an encrypted form.
The backdoor code wasn't as diligently hidden in the Android variants of the malicious apps, and the researchers could access more of their functions without much effort.
Injecting React Native bundles is definitely something new in the backdoors world; it has to do with MetaMask being a React Native app.
To protect against these sneaky threats, cryptocurrency users should download wallet applications only from trusted sources, such as official app stores or from the developer's website.