ESET’s cybersecurity study revealed a complex scheme in which Trojans disguised as a popular crumpled wallet are distributed.
The attackers targeted mobile devices with Android or Apple (iOS) operating systems and encouraged them to install fake applications.
According to ESET, these malicious applications are distributed through fake websites and mimic the cricket, such as MetaMask, Coinbase, Trust Wallet, TokenPocket, Bitpie, imToken and OneKeу.
In addition, 1З malicious software found for Jaxx Libertу. Google has removed applications since then, but they have been installed more than 1,100 times and continue to be hosted on other websites and social media platforms.
ESET added that since May 2021, it has discovered dozens of such applications of the crypto wallet. It is assumed that the fake applications are distributed by one group and are aimed primarily at Chinese users.
Fake wallet applications behave differently depending on where they are installed. Android users are encouraged to install a crypto wallet for a new cryptocurrency that they have not used before.
IOS users believe they have downloaded any trusted code signing certificates, bypassing the Apple App Store. This means that the user can have two wallets installed at the same time, real and Trojan, but in this case they are less and less threatened due to checks in the App Store.
In this regard, ESET recommends that investors and traders install wallets only from reliable sources linked to the official website of the stock exchange or company.