If you are an Android user looking to download cryptocurrency applications, be careful of malicious app developers masquerading themselves as legitimate sources.
Tricksters are taking advantage of the cryptocurrency hype, especially among the amateurs who want to hold some bullish tokens. In one of such malicious attempts, a company by an eye-catching name of Google Commerce Ltd has siphoned off more than $388,000 from its users, The Next Web reports. The company sold its Android application for $388 per download while claiming to provide downloaders 1 Ethreum token in return. The users, however, received an image – that of Ethereum.
More than 100 individuals installed the application from Google Play Store since its last update on August 14, 2017. It is apparent that Google Commerce Ltd was a farce, and it went unnoticed for too long even after gaming the system. Only after the news came to surface, Play Store removed the app.
It would appear that Google Play Protect, Google’s built-in malware protection for Android, failed to detect an application that neither was a clone nor seeking login credentials from users. The point-of-attack took place when users decided to pay for the fake Ethereum app willingly. Amusingly, Google Play Store must have been receiving payouts from Google Commerce Ltd all this time.
It leaves the Android users with more questions about Google’s inability to stop these apps from being listed on Play Store at first place. The technology giant is already solving one part of the big problem by banning cryptocurrency mining apps. However, as the Next Web reported, a mining app by the name of JSEcoin slipped through Google’s defenses and made it to the Play Store.
If cryptocurrencies are taken out of the context, Google had exhibited strictness by removing more than 70,000 apps in 2017, marking a 70% increase in its scrutiny than the previous year. Most of the banned apps had abusive contents, including child pornography.
Cyber-crooks are always on a lookout for potential victims to get their fingers on all of their virtual coins. Over the recent years, Google Play has discovered apps impersonating famous exchanges and cryptocurrency wallet companies, and apps that directly install malware to make victims’ phone their secret cryptocurrency mining lab.
The trouble lies in the fact that even after being delisted, these apps resurface frequently. To that logic, seeing a similar fake Ethereum app listed on Play Store should not surprise.
Featured image from Shutterstock.
Last modified: August 22, 2018 20:26 UTC