If you have invested in Cryptocurrency then you should be very careful because the first android Trojan malware “clipper” has been found on Google play store. On February first a security researcher found a malware that steals your Crypto-Currency known as “Clipper”. The malware hides itself as legitimate cryptocurrency application available on the play store known as “Meta Mask”.
Meta Mast does not have any official android application. It’s legitimate versions are only available as extensions for Google Chrome, Firefox, Opera and Brave.
So how does it works?
Because of security reasons the addresses of online cryptocurrency wallets are made up of long strings of characters and are very hard to remember so the user copies it to the clipboard. But when the user pastes the address of the recipient. It replaces it with the “attackers” address. When the user sends the cryptocurrency it is actually being sent to the attacker.
That’s not the only thing this fake Meta Mask application steals from you. This application also uses Phishing techniques to steal your credentials. It will also steal your seed phrase, passwords and your private key.
But luckily it’s not all bad news after security researcher found the app, Google play store came into action and took the malicious application down before it could do any more damage. But the crypto currency market is growing every day and so are the scams, frauds and thefts regarding this market so taking extra precaution would not be a bad choice.
But that’s not the first time that clipper has made an appearance. The tricky malware was first found back in 2017 but on a windows platform and after that in 2018 it was found on third party android app store and finally now founded on Google play store on February 1st. Judging from this it seems that applications like clipper are not going away any time soon and raise the question of how to avoid it.
How to avoid it?
Android applications are known to have malwares like clipper. One way to avoid it is to keep your device up to date with latest security patches.
Also do not download any application from any other android app stores. We recommend Sticking to official Google play store .
This step is very important but unfortunately many people do not follow it. When you are downloading an application make sure you visit the official website of the app developer and look for the official link for the app and if you don’t find one then that is one big Red Flag from our side.
Lastly for Crypto currency holders they should make sure to double check every address and check it from where they copied it from.