Ethereum [ETH] could have been stolen through malware impersonating MetaMask

Crypto Destroyer

Bitcoin [BTC] and other cryptocurrencies became one of the most controversial topics around the globe in the year – 2018. The rise of its popularity is credited to a massive rise and fall in its price. Majority of the top-currencies alone were depleted of 90% of its value at the end of the year, in comparison to its value at the beginning of the year.

Apart from the price, the other factors that led to the popularity of the cryptocurrency market were the scams and hacks that occurred throughout the year, resulting in the loss of over a million dollars. To add on, some of the scams in the space were pulled off by stealing the identity of several major players around the world, including that of Elon Musk, the face of Tesla and Space-X.

However, this side of the market continues to thrive even though the market itself has not made any major move in terms of bringing the price of cryptocurrencies to the bull’s market. This year started with Cryptopia announcing that they had encountered a security breach, which has resulted in the exchange losing funds to attackers.

Ethereum Classic, one of the leading cryptocurrencies in the space, also witnessed a 51% attack. More so, QuadrigaCX, a cryptocurrency exchange, declared itself insolvent after the death of the CEO, as it was announced that he was the only person who had control over the cold wallets.

Now, another hack has been bought to light, a malware discovered on Google Play. According to research by welivesecurity, a malware identified as ‘Clipper’ is being used to steal investors funds. The research read:

“For security reasons, addresses of online cryptocurrency wallets are composed of long strings of characters. Instead of typing them, users tend to copy and paste the addresses using the clipboard. A type of malware, known as a “clipper”, takes advantage of this.”

It further stated:

“It intercepts the content of the clipboard and replaces it surreptitiously with what the attacker wants to subvert. In the case of a cryptocurrency transaction, the affected user might end up with the copied wallet address quietly switched to one belonging to the attacker.”

The report revealed that this malware was used to impersonate MetaMask, developed by the ConsenSys that allows users to run Ethereum dApps without running a full Ethereum node. The malware enables the hacker to gain control over the user’s Ethereum’s private keys, which can later be used to transfer all the coins to a different wallet address. Along with this, the hacker can also change the address copied via the Clipper into their own address.

More so, this malware was added to Google Play earlier this month, February 1, 2019. This was soon spotted by the research team, who later notified the security team. This was followed by the team taking down the malicious app from the app store.

Crypto Destroyer

Be the first to comment

Leave a Reply