With the cryptocurrency craze continuing to gain traction, more and more people are looking to download a wallet onto their phones with which to store their keys. Unfortunately, hackers have been stealing Ethereum with fake MyEtherWallet apps on the Google Play Store.
Fake MyEtherWallet Apps
Phony MyEtherWallet apps pose a serious threat to gullible users who may not be able to tell a legitimate app apart from the fakes, and a significant amount of money could be stolen by enterprising hackers with some basic development skills who are releasing these MyEtherWallet apps that masquerade as an official representation of the website.
The news about the fake MyEtherWallet apps was tweeted out by Malware researcher Lukas Stefanko on twitter, warning users away from malicious apps that target Ethereum through fake wallets that are being distributed through the official Google Play Store.
There is fake @myetherwallet on Google Play that requires user’s private key or mnemonic phrase to log in.
BTW there isn’t any official MyEtherWallet, yet. pic.twitter.com/6Nn1QFbhEJ
— Lukas Stefanko (@LukasStefanko) January 24, 2018
Stefanko continued by stating that once the fake MyEtherWallet apps are installed, they require users to fill out their private key in order to log in. The researcher’s tweet is included below and gives a sense of what the app actually looks like.
TheNextWeb reports that Google Play data says that the fake MyEtherWallet apps first made their way onto the platform on January 18th, and have since been downloaded between 100 and 500 times. A number of users since then have pointed out that the app is malicious and is only used to steal Ethereum keys.
Strangely enough, the app actually seems to have a decently high star rating of 3.8 stars, and more than 30 positive reviews. Whether these reviews are actually legitimate or placed by the Ethereum hackers remains to be seen, but it’s clear that multiple people have already been taken advantage of by downloading the MyEtherWallet apps.
The cryptocurrency scene in general has been the target of a good amount of fraud, which is made possible due to the anonymity involved with trading and a number of uninformed users coming into an investing space and putting money towards a currency they’re not fully knowledgeable about. There are always risks involved in storing Ethereum keys on electronic devices, and the fake MyEtherWallet apps are just one example of how enterprising hackers are taking advantage of gullible investors in order to line their pockets.
TheNextWeb reports that earlier this week, Ethereum founder Vitalik Buterin warned users to be very careful if someone posting as him contacts them with requests to “send funds.” while the likelihood of a founder asking for money from a user is very unlikely, there are a number of non-tech-savvy people who are trying to get involved in this quickly growing investment arena that can fall prey to basic phishing scams. Google has also been dealing with fraudulent copies of the popular exchange Binance that are looking to turn users into affiliates.
Those looking to stay up to date with the current cryptocurrency exams can take a look at the Ethereum Scam Database. Otherwise, be careful of where you enter your cryptocurrency information to avoid your hard-earned cash being stolen.