1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Hackers are using fake apps and wallets to steal your crypto

    From TechnologyDaily@1337:1/100 to All on Tue Jun 14 18:15:04 2022
    Hackers are using fake apps and wallets to steal your crypto

    Date:
    Tue, 14 Jun 2022 17:08:18 +0000

    Description:
    Popular crypto apps are getting cloned, and the clones are stealing people's money, experts warn.

    FULL STORY ======================================================================

    Cryptocurrency users and enthusiasts are being targeted by malicious actors with fake wallet apps that steal their precious tokens, researchers have found.

    Cybersecurity researchers from Confiant discovered that some of the worlds most popular cryptocurrency wallets are being spoofed by clones that carry malware .

    Coinbase, MetaMask, TokenPocket, and imToken products are among those affected, with the threat actors hainge created apps seemingly identical to the legitimate ones, but with one key difference - they carry a backdoor
    thats capable of stealing peoples security phrases. The security phrase, or secret key, is a string of words used to recover, or load, an existing wallet into the new app.

    Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022 . Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey to get the bookazine, worth $10.99/10.99. Tens of millions of potential targets

    People use it when they forget their passwords, install the app on a new endpoint, or otherwise need to load a wallet on a different device.

    Being malicious, these apps cannot be found on official app repositories,
    such as the Play Store or App Store. Instead, the threat actors rely on distributing the app via web pages, which they promote through black SEO techniques, SEO poisoning, social media marketing, forum promotions, malvertising, etc.

    The researchers could not say how many people were tricked into downloading these apps, but Coinbases app alone has more than 10 million downloads, just on Android. Read more

    Popular crypto wallet discontinued after fatal flaw discovered


    Scammers are using a whole load of tricks to launch cryptomining scams


    Dangerous phishing pop-ups appear across major crypto websites

    As for the victims, the attackers seem to be mostly targeting the Asian population. Search results from the Baidu engine have been most impacted by the campaign, as these have been directing massive amounts of traffic to the sites that host the malicious apps.

    The attackers themselves seem to be Asian, as well. Confiant calls them SeaFlower, and believes them to be Chinese due to subtle hints like the language of the comments in the source code, the location of the infrastructure, and the frameworks and services used.

    The campaign seems to have been active since at least March this year, Confiant says, adding that its the most technically sophisticated threat targeting web3 users, right after the infamous Lazarus Group.

    Via: BleepingComputer



    ======================================================================
    Link to news story: https://www.techradar.com/news/hackers-are-using-fake-apps-and-wallets-to-stea l-your-crypto/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)