DApp MetaMask

One of the biggest problems with Google Play is malware. Some of the hundreds of apps that are hosted in the app store serve as a hook for any cybercriminal to do their thing. The latest discovery is also the first to steal cryptocurrencies from users. This is MetaMask, apparently launched to manage users' virtual wallets and transfer funds between different portfolios, but with a very different reality. This app was designed to steal cryptocurrencies without the user being aware of it.It is, therefore, the first appearance of clipper-type malware on Google Play.

For security reasons, cryptocurrency wallet addresses are made up of long strings of characters. Instead of typing them manually, users tend to copy and paste addresses using the clipboard. There is a type of malware, known as “clipper”, that takes advantage of precisely this. Its modus operandi is to intercept the contents of the clipboard to replace it hidden with whatever the attacker wants to alter. This is exactly what was done through MetaMask.

Its mechanics were relatively simple. As soon as the victim copied the address of his virtual cryptocurrency wallet to the Android clipboard, the app itself got down to work to automatically replace said address with that of the attacker without them he didn't even noticeThe user believed at all times that he was saving his cryptocurrencies in his wallet, and what he did not know is that he was doing it at the address of another person.

At the moment the amount of stolen cryptocurrencies and the number of affected users are unknown. What is known is that MetaMask has already disappeared from Google Play. To avoid being a victim of a similar attack or any type of malware for Android, from tuexpertoapps we advise you to keep your device always updated Likewise, when using the clipboard always checks that what has been pasted matches what has been entered. Finally, avoid installing apps from unknown or low-rated developers.