Author

Topic: [2019-02-13] Fake MetaMask App Found On Google Play (Read 184 times)

newbie
Activity: 10
Merit: 0
I was a victim of this MetaMask Shit, Please we have to be very careful when downloading from Google Play Store.
The Developers of Google should please try and find a way to fish out these Fake Apps.
sr. member
Activity: 1008
Merit: 355
I think those people who have been complaining from the past days about their funds were gone on Metamask were victims of this fake App. If the WLS didn't found out that it is a fake app, Google will not remove it.

This is why I'm very careful on downloading apps on playstore and I only trust those apps coming from the website directly. These frauds shall be taken down by Google Play and take action on the other fraud apps that's still on their platform.

It is quite sad that over and over again fake apps can be found in the Google Play and this is telling us that there is no concrete way that this app marketplace can easily determine a fake from real ones. The thing is that fake appca can easily victimized many people and it is only after something sinister happened that a discovery can transpire. I am hoping that soon there can be a better way that can detect fakes right from the very start...we have to use technology on this as we are now in the technology age and not let allow unscrupulous people from using the same technology to poison the people.
legendary
Activity: 3080
Merit: 1353
When copying and pasting addresses and keys i always double check to ensure it is going to the right place. At least check the last 4 characters which is better than nothing

I also check the first and last 4 characters, just to make sure. I hope though that this fake MetaMask app has been taken down by Google already so that no more damage can be done. And I think this is not the first one though, so I do hope that people learn from this past mistakes. Wonder though how many times this fake apps have been downloaded. Smiley
copper member
Activity: 364
Merit: 4
When copying and pasting addresses and keys i always double check to ensure it is going to the right place. At least check the last 4 characters which is better than nothing
hero member
Activity: 3192
Merit: 939
Be careful what you download from the Google Play store. There is a fake MetaMask app found on Google Play.

The Clipper takes advantage of this mechanism. It dabbles with the content of the clipboard, and instead of pasting your cryptocurrency address into the transaction, you will be inputting the address of the hacker.

Read more here: https://www.unblock.news/news/fake-metamask-app-can-steal-peoples-ethereum

Google Play can't control all the apps that get listed everyday on the platform.Perhaps they should increase the developer's accounts signup fee.It's no secret that malicious apps can still be found on Google Play.
legendary
Activity: 2170
Merit: 1427
Additionally, whoever gets scammed with these apps has to be blamed too. It is unbelievable how you trust an app that came from nowhere and it has appeared in the store.

Not everyone knows what to look for when verifying software, especially when people are rushing to claim whatever shitcoin airdrop. In the end, someone needs to be scammed, then another one, and then dozens of more people in order to have it become public enough to pop up on news outlets like this.

Richard Heart has been hardcore shilling his Bhex shitcoin and recommended people to use MetaMask, so I hope they don't end up falling for the fake one.
member
Activity: 980
Merit: 62
This scam will never be going to stop.

Metamask has been targeted for so many time and something needs to be done from the developers part. Additionally, whoever gets scammed with these apps has to be blamed too. It is unbelievable how you trust an app that came from nowhere and it has appeared in the store.
legendary
Activity: 3542
Merit: 1965
Leading Crypto Sports Betting & Casino Platform
Seems like the best protection is still security awareness. How easy it is for people to fall victim for this if they think any apps on Play Store is legit and checked by Google (did you, Google?).

But I wonder why the attacker use the clipper though, why not take the private key directly? I believe some users will enter their private key if they want to import their wallet to this app.

The Private key is never exposed when you transfer funds from your address to the next. This attack is centered around the replacement of any destination address with the hackers Bitcoin address. So you might Copy the receivers address into the clipboard and then the hacker replace that address with his or her own Bitcoin address when you Paste it and hopefully you will not notice it and just click send.

The Clipboard hijacking method is quite common these days, so you must always verify the receivers address, after you pasted it from the clipboard/memory.  Angry  They use different methods to hijack the clipboard and apps on Google Play is just one of them.  Angry
legendary
Activity: 2170
Merit: 1789
Seems like the best protection is still security awareness. How easy it is for people to fall victim for this if they think any apps on Play Store is legit and checked by Google (did you, Google?).

But I wonder why the attacker use the clipper though, why not take the private key directly? I believe some users will enter their private key if they want to import their wallet to this app.
hero member
Activity: 2996
Merit: 580
Hire Bitcointalk Camp. Manager @ r7promotions.com
I think those people who have been complaining from the past days about their funds were gone on Metamask were victims of this fake App. If the WLS didn't found out that it is a fake app, Google will not remove it.

This is why I'm very careful on downloading apps on playstore and I only trust those apps coming from the website directly. These frauds shall be taken down by Google Play and take action on the other fraud apps that's still on their platform.
member
Activity: 186
Merit: 12
Be careful what you download from the Google Play store. There is a fake MetaMask app found on Google Play.

The Clipper takes advantage of this mechanism. It dabbles with the content of the clipboard, and instead of pasting your cryptocurrency address into the transaction, you will be inputting the address of the hacker.

Read more here: https://www.unblock.news/news/fake-metamask-app-can-steal-peoples-ethereum
Jump to: