“The server of the app dumped the credentials of the users on an external server, which provides the data to the cybercriminal.”
According to reports from the computer security company ESET, the app has gone through a Trezor program, a hardware that stores cryptocurrency portfolios. But, through it, it is not possible to manage the money stored in the Trezor devices.
However, researchers have discovered that the app is connected to a second Android app that may be used to trick users and provide access to their cryptocurrency portfolios.
In this way, the server of the app dumped the credentials of the users in an external server, which provides the data to the cybercriminal. According to Lukas Stefanko, researcher at ESET, “The app says to allow users to create digital wallets for different types of cryptocurrencies. However, their real purpose is to trick them into transferring their cryptocurrencies into the attacker’s wallet. “
Despite the fact that, according to Stefanko’s statements, the app had a reliable appearance, the cybercriminal manipulated the name of the developer company of the app to pose as one linked to Trazor.
In this sense, the app, which was launched on Google Play on May 1, quickly positioned itself as the second most popular app related to Trazor, just behind the official hardware app.
In fact, according to the data obtained from Google Play, the app obtained more than a thousand downloads, which could mean that the data and money of a large number of users has been at risk or even stolen.
After its discoveries, the ESET firm has contacted Google, which the company has responded by eliminating the app from its download platform.
The news comes after just one month ago, a malware attack 32 cryptocurrency apps, putting users’ data at risk and exposing them to possible thefts.