ESET Discovered MetaMask-Impersonating Malware in Google’s Play Store

Cyber-security experts at ESET labs have raised a red flag for a malware, found on Google’s mobile app platform, Play Store.

The team at ESET discovered a clipboard-replacement malware in the Play Store and immediately signaled Google, which removed the app from their servers. This is the first time such malware had passed Google’s security protocol.

The malware was released into Google’s Play Store on February 1st, 2019, according to a statement by ESET’s security experts.

The malware, named Android/Clipper.C was well “masked” under a MetaMask mobile app, but the team at MetaMask never released a mobile version. Their software is only available as a plugin for Chrome and Firefox.

The basic principle of the app is rather old, experts are stating, but works by changing the private address of a given wallet with the attacker’s, so funds could go straight into fraudulent hands. The other notable trait of the clipper is the ability to send user credentials and private keys, thus giving full control over the tokens in the wallet.

Crypto malware and wallet hijacking have been among the top concerns in the fintech world. More and more crypto malware is being discovered in movie download sites, even at places like Cnet.

In November, MetaMask released information that the company is planning the release of a mobile app, which may be the primary reason for users to be “baited” into downloading such application on Google’s Play Store.

Browser companies are also going in the battle against malware, and Mozilla recently also joined the game. Browsers like Brave are also stating that ads are the easiest way to inject malicious software for crypto-jacking and even using victim’s computers as mining rigs.