Fake Poloniex apps on Google Play Store steal users’ funds

These apps attempt to obtain user credentials in order to steal funds. The apps were made to look like the official app of the popular cryptocurrency exchange, Poloniex.

Amid warnings related to the comeback of CryptoShuffler, two malicious Android apps have also been discovered recently. These apps attempt to obtain user credentials in order to steal funds. The apps were made to look like the official app of the popular cryptocurrency exchange, Poloniex. Discovered by cybersecurity firms ESET and Kaspersky, both apps have been removed from the Google Play Store.

Russian news outlet RBC reports that these fake apps used Poloniex’s logo and visual identity, taking advantage of the fact that the exchange does not actually have an official mobile-optimized application. The apps were called Poloniex and Poloniex Exchange. The app named Poloniex was more popular, as around 5,000 users had installed it. It was available for almost a month before being removed from the Google app store. Poloniex Exchange managed to get only 500 users to install it before it was shut down.

Both of the apps operated in the same way. Users were asked for their Poloniex login credentials before being prompted to log in to their Google accounts. From there the system gained access to the user’s basic profile information, settings, and emails. “These two apps were trying to steal Poloniex credentials as well as gaining access to user emails,” ESET warned last week.

ESET further explained that once the developers took over the user’s Poloniex account, as well as the associated Google account, they could delete from the user’s inbox any withdrawal-related emails that might reveal the transactions being conducted. In this way, the users would receive no warnings regarding the takeover of their accounts.

Several other similar threats have been circulating, in addition to these two apps. CryptoShuffler exploited copy+paste tools to replace destination Bitcoin addresses, and has been successful in stealing over $140,000. Another scam, Bad Rabbit, targeted users in Russia, Ukraine, Turkey, and Germany.

ETHNews warns that another fraudulent Poloniex app, called “Poloniex – Bitcoin/Digital Asset Exchange”, which also mirrors the exchange’s mobile website, may still be available on the Google app store. Offered by a developer listed as MIT Service, the app has already seen 1,000 to 5,000 downloads and has no affiliation with the Massachusetts Institute of Technology. This is not the first time fake Poloniex apps have been spotted, as the exchange’s operators have had to issue warnings against them in the past as well.

ESET advised users to immediately change their Poloniex and Google passwords in addition to enabling two-factor authentication as a precautionary measure.