Beware of misleading software: Crypto criminals are stepping up their game
Some are just annoying, but some can inflict real damage.
Recently, an application on Google Play has been crossing quite a few users. The software, called “Bitcoin Cash TESTNET,” has nothing to do with Bitcoin Cash. It was also previously named “Bitcoin + Lightning Wallet,” and its recent name change is likely nothing but a deliberate attempt to troll users.
While this may be annoying, there are actually far worse applications currently lurking around in the space. Last year, users lost over $3.2 million to a bitcoin gold (BTG) wallet scam after inputting their private keys into the fake wallet, expecting to receive their BTG shortly after the October 25 fork. Several other scams did the same thing and it has been known that such cons are rampant particularly around the time of blockchain forks.
Phishing scam has also proven damaging, with fraudsters simply switching certain letters with another character that looks similar to resemble legitimate websites as closely as possible. Crypto criminals have also been progressing, going so far as to discreetly hack legitimate websites and replacing official wallet addresses and payment links to lead to their own wallets. This attack has been known to target ICO’s, and became widely infamous after CoinDash fell victim to it.
Some were even able to publish entire mobile applications on Google Play and the App Store dedicated to hoodwinking cryptocurrency enthusiasts, with several of them mimicking Poloniex.
According to a release by RiskIQ in January this year, an analysis of 18,408 apps across 20 app stores has uncovered 661 malicious cryptocurrency applications that were floating around official app stores, with 272 of them on Google Play. The applications steal money and personal data. Fabian Libeau, EMEA VP of RiskIQ, issued a warning to investors.
“We are seeing threat actors around the world exploiting what is already a hostile currency in a lawless digital world. Before handing over any cash or personal data, investors should carry out thorough research into the exchange and wallet apps they intend to use. By checking the developer’s name, user reviews and the number of app downloads, investors can measure the validity of an app and be more confident in their choice,” said Libeau.