Hackers spread trojan-infected mobile apps to steal digital assets

March 31, 2022

The cryptocurrency landscape might be at risk again after experts discovered threat actors developing and propagating malicious cryptocurrency wallet applications for Android and iOS to steal the digital assets of victims.

Research by security experts found about 40 imitations of well-known cryptocurrency websites built to lure victims into downloading trojan-infected mobile apps. Experts also noted that crypto newbies are the most targeted victims of this campaign.

Through malvertising, threat actors also publish their malicious apps on blockchain and cryptocurrency-related sites, where victims can be lured into clicking and downloading them.

 

The Chinese-speaking hackers behind the campaign were found seeking affiliates within the Telegram messaging app, aiming to propagate malware and steal victims’ digital assets.

 

Aside from Telegram, the hackers also operate on Facebook groups, where they share detailed instructional videos on how the malicious operation works to entice affiliates to join them.

Experts’ analysis has shown that the infected applications behave differently depending on the phone’s operating system. On Android, the malware targets users who do not have an authentic wallet app on their phone, since the malware cannot overwrite an existing app on the device.

On the other hand, iOS users are more prone to this campaign since the malware can overwrite the authentic wallet app installed alongside the infected one. Experts believe that even an experienced digital asset enthusiast can be victimized if the person uses an iOS device.

Android users who are lured in will be instructed to download the malicious application from the Google Play Store. However, the app will be installed through the hackers’ servers. For iOS users, since Apple’s security protocols would not let hackers put an app in the App Store, the hackers instead have the victims install the malicious app through third-party sites.

Nonetheless, the malicious app will work smoothly as a crypto wallet on both operating systems once the victims have successfully installed it on their devices. If they proceed to deposit money or crypto assets into the app, the hackers can fully control their wallets and steal their investments.

Experts highly recommend not installing applications from third-party sources to avoid falling victim to crypto-theft campaigns.
