App impersonating MetaMask, one of the oldest Ethereum based DApps and provide services to access the Ethereum decentralized applications better known as dApps.
Malware is known as ‘Clipper’ it replaces copied cryptocurrency wallet addresses with an address belonging to an attacker in the hope funds will be sent elsewhere without the user noticing.
ESET said that the primary purpose of the malware was to steal the private keys and credentials of MetaMask users’. This information could then be used to access the user’s Ethereum funds.
However, the Crypto malware can intercept Bitcoin and Ethereum wallet addresses copied on the clipboard.
After its discovery, the team at the security firm reported the matter to Google’s security team, and the app was removed from the Play Store, although it is unclear how many users were affected by this fake app.
Interestingly, MetaMask does not offer an app product that can be accessed through mobile devices. It’s the reason that made ESET suspicious about the fake application.