Google Play Store Hosted App Found Hacking Crypto Login Credentials

Google Play Store Hosted App Found Hacking Crypto Login Credentials
фото показано с : cryptoslate.com

2018-11-4 03:00

A video published Thursday by security researcher Lukas Stefanko exposed a malicious app hosted on the Google Play store that distributes malware onto unsuspecting user’s mobile devices.

Harvesting Your Passwords

The app, called Easy Rates Converter, markets itself as a currency conversion tool. In reality, it infects devices with malware designed to harvest their login credentials to legitimate crypto and fiat banking applications.

According to Hard Fork, among the apps targeted were Binance’s official app, CommBank, and Google Play. At the time Stefanko published his video, the app had over 500 downloads. The developer name on the app is listed as ‘hitech_soft.’

According to Stefanko, once the app is downloaded, it deploys malware that infects the host device through a fake Adobe Flash update. On the surface, the malicious app still functions as a currency converter. Once downloaded and activated, it retrieves the malware via the user’s internet connection and deploys it.

After infected, the malware program waits for the user to open a targeted banking app, then overlays the screen with one designed to look exactly like the login screen of the actual app and prompts the user to enter their login information. When entered, the credentials are stored on a server.

When running, the infiltrating app can be seen on an Android device when the user toggles through the apps they have open. However, even knowing the app was there, when Stefanko tried to tap back into a legitimate app on his phone, the malware overlaid itself on his screen again.

Keeping an Eye Out

A search through the Google Play store showed the app has been taken down since becoming the subject of Stefanko’s video, in which he also explains how to remove the malware once found on a device. 

Related: Adobe Flash Being Used For Cryptojacking

This isn’t the only way hackers are using Adobe Flash updates to install malware on user’s computers. Early in October, security researchers at Palo Alto Networks discovered a spike in fake Flash installers being used to infect computers with crypto mining malware. The update did installed Flash on host computers, but at the same time infected them with software that mined Monero.

Stefanko works as a researcher for security company ESET.

The post Google Play Store Hosted App Found Hacking Crypto Login Credentials appeared first on CryptoSlate.

Similar to Notcoin - Blum - Airdrops In 2024

origin »

HEROcoin (PLAY) на Currencies.ru

$ 0 (+0.00%)
Объем 24H $0
Изменеия 24h: 0.00 %, 7d: 0.09 %
Cегодня L: $0 - H: $0
Капитализация $0 Rank 99999
Цена в час новости $ 0.0170368 (-100%)

app google login hosted play store devices

app google → Результатов: 85


Тестовый кошелек для цифрового юаня появился в App Store и Google Play

Власти Китая запустили пилотную версию мобильного кошелька для использования цифрового юаня. Приложение уже доступно в магазинах приложений App Store и Google Play, сообщает BlockBeats.

2022-1-6 12:13


Parity Signer v2.0 превращает старые телефоны в криптокошельки

Разработчики компании Parity Technologies представили бета-версию приложения Parity Signer v2. 0, которое можно бесплатно скачать в iOS App Store и Google Play Store, чтобы превратить старый мобильный телефон в аппаратный криптокошелек.

2018-10-16 22:12


Фото:

Snap’s new Spectacles actually look… wearable?

It seems Snapchat finally gets the concept of aesthetics. The company’s just introduced two new kinds of Spectacles — both of which look considerably less dorky than their predecessor. You remember Snapchat‘s Spectacles, the sunglasses-cum-clumsy recorder, don’t you? They were pitched as a sort of teen-friendly Google Glass, meant to compliment the app by letting users take photos and videos right from their temples.

2018-9-6 01:57


Фото:

Google Chrome gets a big redesign and new features for its 10th birthday

Chrome is turning ten, and it’s getting a makeover to celebrate. Google today announced a wide set of changes coming to the world’s most popular browser – some aesthetic, and some functional. Most notably, the app now has a flatter, rounder design more in line with Google’s Material Design principles; these changes will be seen on both mobile and desktop.

2018-9-5 01:58


Фото:

В Google Play появилось мошенническое приложение «Ethereum»

Специалист по информационной безопасности из Словакии Лукас Стефанко обратил внимание на появление очередного «криптовалютного» приложения в Google Play, которое обманывает пользователей. При цене в 355 евро (около $388) программа просто показывает логотип Ethereum на экране, сообщает TheNextWeb.

2018-8-22 12:28


В Google Play обнаружено скам-приложение «Ethereum»

Специалист по информационной безопасности из Словакии Лукас Стефанко обратил внимание на появление очередного «криптовалютного» приложения в Google Play, которое обманывает пользователей. При цене в 355 евро (около $388) программа просто показывает логотип Ethereum на экране, сообщает TheNextWeb.

2018-8-22 11:15


Фото:

В Google Play фейковое приложение Ethereum продают за 335 евро

В Google Play обнаружили приложение, которое называется Ethereum, использует логотип одноименной блокчейн-сети, стоит 335 евро и предлагает пользователям приобрести 1 Ether. Жертвами скаммеров, скрывающихся за компанией с названием Google Commerce Ltd.

2018-8-22 10:57


Google Fit teams up with the WHO to help you shed the pounds

Google has updated its fitness tracking app Google Fit. The latest version contains a radical visual redesign, and an emphasis on helping users achieve their health and fitness goals. For this update, Google says it’s worked with the World Health Organization (WHO) and the American Heart Association (AHA), in order to better understand the science behind physical fitness and health.

2018-8-21 18:16


Ledger Bug Accidentally Sends 64 Ethereum Transactions To the Wrong Address

Ledger, the company behind a popular range of hardware wallets, reported a bug in its software last Thursday concerning Ethereum funds. The bug was initially announced by Ledger on Twitter. The tweet revealed that their Google Chrome app was displaying an incorrect destination address: There is currently an issue on the Ledger Wallet Ethereum Chrome […]

2018-8-8 15:34