Poloniex Targeted By Fake Google Play Apps Which Steal Users Accounts
Yesterday we reported on CryptoShuffler, a piece of malware which monitors an infected user’s clipboard for a cryptocurrency address. When the user pastes the address (presumably to send funds to another wallet) it is replaced with the address of the attacker’s wallet instead of the intended recipient. So far they’ve tracked at least $140,000 in stolen funds by the CryptoShuffler malware.
As if this wasn’t enough to worry about for those in the cryptocurrency space, a new threat has surfaced which targets users of the Poloniex Cryptocurrency Exchange and currently has been downloaded over 5,000 times. This threat, identified by both Kaspersky and ESET Antivirus, comes in the form of a fake Google Play app. This fake app claims to be the official app of the Poloniex Exchange, despite the fact that Poloniex does not currently even have any apps available on the Google Play store currently.
Once downloaded, the app lingers in the background waiting for the infected user to enter their Poloniex credentials, at which point they are sent to the attackers.
There have been reports of accounts being drained and attempts to hack email accounts associated with the Poloniex accounts of infected users.
With all the looming threats that are currently targeting crypto users, it’s more important than ever to protect your investment. Make sure that two-factor authentication is enabled on your accounts and cryptos stored on a secure hardware wallet, such as the TREZOR. This isn’t the first and certainly not the last attempt by hackers to steal users funds, so stay alert out there, guys!