Over 10,000 People Have Downloaded Fake Cryptocurrency Apps
The open web can be a dangerous place for cryptocurrency users. Phishing, trojans, and social engineering all come with the territory, ensuring that even the savviest of bitcoin-holders must remain alert. Within the walled gardens of Apple and Google’s app stores, however, there’s an assumption that if a mobile app has been vetted and downloaded in the thousands, it must be safe. That assumption couldn’t be further from the truth, as scores of users have discovered to their peril. Also read: Peer-to-Peer Bitcoiner Gets Year in Prison for Being UnlicensedFake Apps with Real Consequences
Neither the Google Play or App Store is immune from its share of fake, spammy, or fraudulent apps. But it is Android users who tend to suffer most at the hands of unscrupulous developers. One of the most egregious apps, which has hoodwinked thousands of users, is simply named Poloniex. Despite purporting to be the “Poloniex ® Offical App” [sic] of the popular cryptocurrency exchange, it is nothing of the sort. Its description boasts of such features as “Possible powerfull [sic] exchange BTC or altcoins.”
Who’s to Blame?
Estot Vigilans
“Eternal vigilance is the price of liberty – power is ever stealing from the many to the few.” Those words were written by Wendell Phillips over a century ago, but they apply equally today. Scammers will try every possible attack vector to find a vulnerable target; there’s even been reports of fake telephone support purporting to be from Coinbase and Kraken. These hoaxes, which typically emanate from India, are merely an updated version of the Windows telephone support scam.
While the cryptocurrency space attracts its share of chancers, this problem is not isolated; over one million people downloaded a fake version of Whatsapp from the Google Play store, while Bankbot malware, which steals passwords and 2FA details, has been deleted twice by Google, only to show up again, most recently under the name of ‘Crypto currencies market prices’.Stay Safe and Think Before You Click
Users seeking to install a mobile app for their preferred cryptocurrency exchange, ticker or wallet would be advised to click on links from the official exchange, ticker or wallet site rather than risk stumbling upon a fraudulent version within an app store. Even when clicking on legitimate links, however, it pays to be cautious. One security company recently inspected the 90 most popular Android cryptocurrency apps, which have millions of downloads. Their findings? 94% used outdated encryption, 66% didn’t use encryption at all and 44% used hard-coded passwords stored in plain text. While Apple’s ecosystem isn’t entirely squeaky clean, the bulk of the issues with fraudulent or poorly coded apps emanate from Android. Cryptocurrency holders who cherish their security may decide the safest bet is to reserve their trading for desktop and keep their cell phone for price checks. Who do you think should bear the blame for users installing fraudulent apps? Let us know in the comments section below.Images courtesy of Shutterstock.
Bitcoin is a decentralized digital currency that enables near-instant, low-cost payments to anyone, anywhere in the world. Bitcoin uses peer-to-peer technology to operate with no central authority: transaction management and money issuance are carried out collectively by the network. Read all about it at wiki.Bitcoin.com. The post Over 10,000 People Have Downloaded Fake Cryptocurrency Apps appeared first on Bitcoin News.
android App App Store Apple cell phone Google Malware Mobile App N-Featured play store Security Trojan
