Google Play app found stealing users crypto exchange login details

03 Nov, 2018
by Richard Allen
Google Play app found stealing users crypto exchange login details

Despite Google’s no-nonsense stance on shady cryptocurrency apps, it appears those with enough determination are still capable of getting their malicious apps on the store, Hard Fork reports.

Lukas Stefanko, security and malware researcher, published a video recently showing how a malicious app, called Easy Rates Converter, steals login data from its users.


The app was designed to look like a cryptocurrency conversion tool, but the actual reason for its creation is far more sinister: to steal your login credentials to a number of legitimate apps. Among others, the apps targeted by the malicious converter are Commbank, Google Play, and the official app of Binance. Stefanko states that the app had over 500 downloads.

Once the app had been downloaded and installed, it operated exactly how it was supposed to. But in the background, it also installs phishing malware designed to look like an Adobe flash update.

Then, once you open up one of the targeted apps, the malware created a “fake activity” to overlay the legitimate app. The “fake activity” then prompts the user for their login details, which it stores and sends on to the phishers.

As if putting your Binance account at risk wasn't bad enough, the app could also jeopradize your traditional bank account. Fortunately, however, it appears as if it's been removed from Google Play.

Read more: Google Play contains many phony mining apps claim to mine unmineable cryptos

Follow Chepicap now on Twitter, Telegram, and Facebook!


Have you ever been a victim of crypto-related malware?

(4 votes)

Add a comment

Check out the latest news

You will be logged out and redirected to the homepage