Fake apps and websites take more than $4.3 million from iPhone and Android users

iPhone and Android users need to make sure they don’t have any of the 249 fake Crypto Wallet apps Trend Micro mentions on their phones. These apps pretend to be legitimate cryptocurrency wallet apps, but have led to the theft of more than $4.3 million. Pretending to come from legitimate crypto wallet app companies, potential victims are sent emails containing “malicious links” that lead iOS and Android users to visit lists for the attackers’ fake apps.

Do you see the brilliance in this process? By sending victims to a site where their malware-laden apps can be installed, attackers can avoid listing their fake apps in the App Store or Google Play Store where they might be banned. And to get iOS and Android users who have a legitimate crypto wallet app on their phone to tap the link, these emails pretend to be from those real crypto wallet apps by telling recipients that the current version of their crypto wallet app is outdated and that they have to tap the link to install the latest version.

This email tries to trick the victim into clicking on a link to a fake website

Hackers have also created fake websites designed to look like those used by real crypto wallet apps and have domain names slightly different from the real ones. These fake websites appear high in search results and are another way criminals reach their victims without having to list apps in the App Store or Google Play Store. Another ploy used is posting fake links on social media sites that display fake messages of support. Again, the goal is to trick victims into visiting a fake website.

Real crypto wallet website on the left, fake created by hackers is on the right

The Trend Micro Threat Research team found 249 fake crypto wallet apps including imToken, Bitpie, MetaMask, Trust Wallet and TokenPocket. The apps were found on phones used by victims in the United States, France, Germany, Australia, New Zealand and Japan.

Fake apps and fake websites steal victims’ mnemonic phrases. These phrases are a series of unrelated words, usually 12 to 24 words, that are generated when a crypto wallet application is created. Mnemonic phrases are used to recover the user’s cryptocurrency if the wallet is lost or damaged. But once the mnemonic phrase is entered into one of the fake websites or apps, it goes straight to the hackers.

Once the mnemonic phrase is stolen, the hacker will transfer the victim’s cryptocurrency to multiple disposable wallets. Trend Micro’s threat research team discovered that $4.3 million passed through one of the disposable wallets. Since most hackers have multiple wallets used in these endeavors, we can assume that more than $4.3 million was stolen.

So what can you do to avoid falling victim to this scam? Trend Micro makes the following suggestions:

Download apps only from Google Play Store and Apple App Store.
If you notice any suspicious behavior while updating your crypto wallet app, stop the update immediately and uninstall the app.
To verify the legitimacy of a crypto wallet app, the first time you transfer money, send only a small amount.

Source link