A new scheme was found by Check Point Research (CPR), the said malicious app is designed specifically for the users of cryptocurrencies on the official Google Play Market. The app was launched nearly five months ago and defrauded over 150 individuals and stole over $70,000. Using the secure Wallet connect protocol to sign a malicious transaction, the attackers drove the users’ funds dry. The creation was immensely complex and could not be reduced to an application of malware; it was involved in an extensive social engineering process, it managed to manipulate Google rankings and the app’s identity was encrypted. To be precise while thousands of downloads were made, not every user connected their wallets to the app and those who did reported a scam noted a few minutes into the app’s usage.
Be the first to comment