Researchers from the mobile security firm Lookout have discovered three fake Bitcoin wallet apps in the official Play store, Google promptly removed them.
Experts from mobile security firm Lookout have discovered three fake Bitcoin wallet apps in the official Play store. The fake Bitcoin wallet apps were removed by Google Play after security researchers reported their discovery to the tech giant.
The spike in Bitcoin prices is attracting crooks as never before, the number of attacks involving the cryptocurrency continues to increase.
The three fake applications tracked as PickBitPocket were developed to provide the attacker’s Bitcoin address instead of the seller’s one. The fake apps accounted for a total of up to 20,000 downloads before Google removed them from the Play store.
“Lookout has identified three Android apps disguised as bitcoin wallet apps, previously in the Google Play Store, that trick victims into sending bitcoin payments to attacker-specified bitcoin addresses.” reads the analysis published by Lookout.
“Google removed the apps immediately after Lookout notified the company. The apps collectively had up to 20,000 downloads at time of removal.”
The researchers explained that when users that installed the fake apps attempt to buy goods or services their payments are hijacked to the attacker’s wallet.
The three fake Bitcoin wallet apps discovered by Lookout are:
Bitcoin mining, which had between 1,000 and 5,000 installs at the time it was removed;
Blockchain Bitcoin Wallet – Fingerprint, which had between 5,000 and 10,000 installs;
Fast Bitcoin Wallet, which has between 1,000 and 5,000 installs.
“As Bitcoin captures broader interest, this means more people may be purchasing the cryptocurrency, or looking for mobile wallets to store their coins. Individuals should be vigilant in choosing a secure wallet and should also have a security solution in place to identify malicious activity on their device,” concluded Lookout.
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.