The malware program called ”Clipper” had reportedly been “intercepting” the clipboard content of crypto users when they filled in various forms cryptocurrency addresses. If the end user then submits the transaction without noticing the change, the attacker receives the currency. Reported to Google after being discovered on the Play Store on February the app containing malware has now been taken down. The crypto stealing malware was also found on Android App Store.
The suspect app was called MetaMask, a service for managing Ethereum-based distributed applications , or Dapps.These malicious software programs execute scripts on users’ PCs that are programmed to detect crypto addresses on an operating system’s clipboards. The malicious clipper gains access to the victim’s credentials and their private keys. This allows the attacker to access and steal the user’s cryptocurrency from their wallets. MetaMask’s official website has no mention of mobile applications – only desktop browser extensions. Cryptocurrency experts have long recommended users to store the bulk of their balance in offline cold-storage, and only keep a minimal balance on mobile wallets for daily use. Users should verify that all transaction information is correct before submitting.