Fake Bitcoin Wallet Apps Plague Google Play Store

Fake Bitcoin Wallet Apps Plague Google Play Store

Yet another case of Android users being targeted by attackers involves the popularity of the Bitcoin cryptocurrency. More particularly, researchers have come across several fake Bitcoin wallets for Android. The malware family was dubbed PickBitPocket.

Details about the PickBitPocket Malicious Apps Posing as Bitcoin Wallets

Three fraudulent wallet PickBitPocket applications were detected on Google Play Store. Their purpose was to steal data related to Bitcoin from users tricked to install the apps. Bitcoin has been in the center of hacker’ malicious intentions and these intentions seem to include mobile operating systems as well.

Related Story: Which Is the Most Secure BitCoin Hardware Wallet in 2017

Lookout researchers recently came across three Android applications posing as Bitcoin wallets. The apps bypassed Google Play Store’s security measures and were trying to trick users into sending Bitcoin payments to attackers’ Bitcoin addresses. Fortunately, Google has already removed the apps, shortly after the security firm notified them. The three apps had gathered up to 20,000 downloads before they were removed.

As already mentioned, the PickBitPocket fake wallet apps were pretending to be legitimate Bitcoin wallets. Instead of providing what they should have, the apps were tricking into providing the attacker’s Bitcoin address instead of the seller’s, researchers said.

What does this mean?

For example, an individual is selling some goods or services and allows payment in bitcoin. The seller provides a bitcoin address to the buyer for the payment. If the seller is using a PickBitPocket wallet app, he will instead send the attacker’s bitcoin address to the buyer, in effect routing the bitcoin payment to the attacker.

More about the PickBitPocket Apps

The three apps have been identified:

– “Bitcoin mining“, which was download about 5,000 times;
– “Blockchain Bitcoin Wallet – Fingerprint“, which was downloaded approximately 10,000 times;
– “Fast Bitcoin Wallet“, with about 5,000 installations.

Users that are intending to buy Bitcoin or any other cryptocurrency should be on the lookout for various scams and malware attempts aiming to steal their coins. This also means that potential investors should be careful and should choose a secure wallet. The security of the device where this wallet will be used should not be underestimated as well.

Related Story: Cryptocurrency Miners on Google Play Posing as Apps

Android was recently targeted by other types of malicious apps that relied on Bitcoin’s popularity. TrendMicro researchers recently detected these apps as Androidos_JSMiner and Androidos_CPUminer.

These apps had malicious capabilities and were deployed for cryptocurrency mining. The apps were found to use dynamic JavaScript loading in combination with native code injection to bypass detection by security vendors.

Milena Dimitrova

An inspired writer, focused on user privacy and malicious software. Enjoys ‘Mr. Robot’ and fears ‘1984’.

More Posts - Website

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...