Beware! A fake Trezor wallet app has cropped up on Google Play as Bitcoin prices rise, ESET researchers have found. How can you stay safe?
May 24, 2019 | AtoZ Markets - Researchers have found two apps, “Trezor Mobile Wallet” and “Coin Wallet”, masquerading as cryptocurrency apps on Android’s app store, Google Play. According to the researchers, one of them was largely a dud while the other was designed to steal cryptocurrency.
Fake Trezor Wallet App appears on Google Play Store
Security firm ESET said one of the two Android apps is a fake app impersonating Trezor, a hardware cryptocurrency wallet. The good news, however, is that the app couldn’t be used to steal cryptocurrency stored by Trezor, so it posed no direct harm to Trezor users, thanks to Trezor’s security measures.
However, the researchers found that the app could be used to collect email addresses, which could later be used for phishing campaigns targeting Trezor users. Lukas Stefanko, a security researcher at ESET who has a long history of finding fake Android apps, said the fake Trezor wallet app “appeared trustworthy at first glance” but was using a fake developer name, “Trezor Inc.”, to impersonate the company. However, once the app was downloaded, its icon was different from the one shown in Google Play. The login screen also appeared generic, with the name of the company absent.
Uploaded to Google Play on May 1, the app quickly ranked as the second-most popular search result when searching for “Trezor” behind the legitimate app, said Stefanko. Users on Reddit also found the fake app and reported it as recently as two weeks ago.
On the other hand, the Coin Wallet app, which had been listed on the Google Play store since February 25, was a fake wallet which could have been used to scam people out of money. The app offered to let users create wallets for their cryptocurrencies. In reality, however, it served to trick people into transferring tokens into scammers’ wallets. In a so-called wallet address scam, the attackers provided a wallet for each supported cryptocurrency. Each victim got the same wallet address.
“The app claims it lets its users create wallets for various cryptocurrencies,” said Stefanko. “However, its actual purpose is to trick users into transferring cryptocurrency into the attackers’ wallets – a classic case of what we’ve named wallet address scams in our previous research into cryptocurrency-targeting malware.”
Together, the two apps were downloaded more than a thousand times. At the time of writing this report, both apps (the fake Trezor app and the Coin Wallet app) have been removed from the Google Play Store.
Last year, Trezor issued a warning to users after fraudsters began to make counterfeit versions of its hardware wallets. Back in November 2018, malware researcher Lukas Stefanko found four fake crypto wallets on the Google Play Store that were posing as official pieces of software for NEO, Tether and MetaMask.
How to stay safe
If Bitcoin continues its growth trend, we can expect more cryptocurrency scam apps to emerge in the official Android app store and elsewhere. When installing apps, it is important to stick to some basic security principles – even more so when money is at stake.
- Only trust cryptocurrency-related and other finance apps if they are linked from the official website of the service
- Only enter your sensitive information into online forms if you are certain of their security and legitimacy
- Keep your device updated
- Use a reputable mobile security solution to block and remove threats