Just recently, Google’s popular Play Store has taken off a crypto app dubbed MetaMask. The piece of software proved to copy addresses from phone owners’ crypto wallets, where they just copy and paste addresses and steal their virtual riches.
ConsenSys-made app gets hijacked
The app would change the address from the recipient’s to a hacker’s one instantly, without users noticing it.
Experts believe this is the first malware of the kind, powered by Android.
Initially, MetaMask was an app created by Ethereum’s developer studio ConsenSys, and it quickly became popular among the crypto community. It had millions of downloads via Google Chrome and Firefox browsers.
Presently, it cannot be installed on smartphones, having proven to be insecure.
Play Store seems to put apps up for sale without checking them first
The case with MetaMask turned to be an astonishing experience for the whole crypto community and yet another shot against Google’s Play Store, which has previously already been under criticism for selling apps without giving them a proper check first.
Google Play is not the only store where users buying apps can get a crypto ‘Trojan horse’ – apps that steal people’s crypto were also sold on other websites such as download.cnet.com, and in unofficial Android stores.