Author

Topic: Not all crypto apps in App stores are safe (Read 569 times)

copper member
Activity: 2114
Merit: 1814
฿itcoin for all, All for ฿itcoin.
February 20, 2019, 09:00:32 PM
#28
When it comes to downloadable apps may it be exchanges or wallet apps I always look for the announcements in their actual website itself. This way I know that they do have an official downloadable app in the app store, other than that I always prefer on clicking the redirect links being given by these websites so that it leads me right straight to their download page without the hassle for searching it on my own.
This is the exact thing to so I have been trying to put so much emphasis in it... Get to the official website, Get the download links from the official site, Do a direct download or get redirected to the app stores using the links from the official websites

Good stuff and when looking at reviews. Be very careful too.

Some scammers have included reviews in their logos. Don't fall for that. Example:



Credit: https://twitter.com/LukasStefanko/status/1092356795211935744
Thanks for bringing this attention. That's why it's very important to always read the reviews rather than just look at the star rating.
full member
Activity: 168
Merit: 214
WhoTookMyCrypto.com
February 20, 2019, 02:59:16 AM
#27
Good stuff and when looking at reviews. Be very careful too.

Some scammers have included reviews in their logos. Don't fall for that. Example:



Credit: https://twitter.com/LukasStefanko/status/1092356795211935744
hero member
Activity: 1806
Merit: 672
February 19, 2019, 06:34:29 AM
#26
When it comes to downloadable apps may it be exchanges or wallet apps I always look for the announcements in their actual website itself. This way I know that they do have an official downloadable app in the app store, other than that I always prefer on clicking the redirect links being given by these websites so that it leads me right straight to their download page without the hassle for searching it on my own. I have this issue before where a newly launched wallet have several "official" apps in the app store, that got me curious and after some research work I found out that they still have no apps being develop as of the moment.
copper member
Activity: 2114
Merit: 1814
฿itcoin for all, All for ฿itcoin.
February 12, 2019, 10:12:37 AM
#25
After reading the article that was in the post which was made in the scam accusation board; Google Play Store Caught Hosting Fake Metamask Crypto Malware

I decided that maybe bumping this thread for visibility once more wouldn't help sensitize new some members who might not know anything about how fake apps have infiltrated the app stores.
legendary
Activity: 3234
Merit: 1375
Slava Ukraini!
December 09, 2018, 07:08:14 PM
#24
I'm not an Apple fan Cheesy Actually I don't like Apple! I'm using Android Wink I just don't use mobile wallets.
I am not technically strong enough to explain exactly what the Android gaps are, but I will give you examples of interesting articles about this:

https://cointelegraph.com/news/major-risk-for-mobile-android-wallet-users

This one is very old, but also interesting:

https://bitcoinmagazine.com/articles/critical-vulnerability-found-in-android-wallets-1376273924/

I hope It will help.
Thanks for the links to these articles. I'm not saying that Android is perfect system, as your links shows. But in my opinion, in mostly cases it's fault of phone users that they lost monry. They are just not careful enough - they download fake wallets, don't use antivirus, 2fa and etc. If you don't follow even basic security suggestions, you're unsafe, no matter which system you're using - Android, Windows or iOS. I found one article https://www.cnbc.com/amp/2018/01/24/hackers-targeting-apple-google-app-stores-with-malicious-crypto-apps.html and I'm actually surprised that some fake crypto apps were found on Apple App Store also.
newbie
Activity: 54
Merit: 0
December 09, 2018, 01:29:58 PM
#23
you can never be too careful when it comes to these kind of apps. especially ones that involve your own money :/
sr. member
Activity: 585
Merit: 251
December 09, 2018, 10:33:59 AM
#22
If we're talking about Android apps, then we can say, that probably none app is safe. Android has so many gaps in the system that every good hacker will have no problem getting into your mobile wallet.
Tell us more about what exactly you're talking. Or it's just whataboutism from Apple fan?

I'm not an Apple fan Cheesy Actually I don't like Apple! I'm using Android Wink I just don't use mobile wallets.
I am not technically strong enough to explain exactly what the Android gaps are, but I will give you examples of interesting articles about this:

https://cointelegraph.com/news/major-risk-for-mobile-android-wallet-users

This one is very old, but also interesting:

https://bitcoinmagazine.com/articles/critical-vulnerability-found-in-android-wallets-1376273924/

I hope It will help.
legendary
Activity: 2310
Merit: 2073
December 09, 2018, 10:08:14 AM
#21
Great advice for beginners. I advise you to always download cryptocurrency wallets that are listed only on the official websites of the projects or on github. It should never let you down. If you do not know the official website of the token, you can watch it on coinmarketcap.com
member
Activity: 952
Merit: 41
December 09, 2018, 06:12:47 AM
#20
Your analysis are very correct not all apps in appstore are secured in fact the regular cases of hacking into wallets always come from apps from google playstore each time you download any application from the app store your give access to hackers to have access to your personal files and private keys. I lost my coin on an exchange like that.
hero member
Activity: 1232
Merit: 738
Mixing reinvented for your privacy | chipmixer.com
December 08, 2018, 06:57:30 PM
#19
1. Always try as much as possible to download Exchange and Wallet apps from official site links to avoid landing on fake apps in playstore.
this one act will save you countless time from downloading rogue apps
and make sure the official site is also a legitimate well known business that has been around for awhile
an official site without good business track record could still pose a threat and have hidden agenda in its app
legendary
Activity: 2338
Merit: 10802
There are lies, damned lies and statistics. MTwain
December 08, 2018, 12:59:14 PM
#18
I came across a post on a personal website (see Fake cryptocurrency wallets found on Play Store), where the author, a malware researcher that works for ESET, writes about how he found recently four Apps on Google Play Store that were fake, and impersonating existing cryptocurrency wallets for Neo, Tether and Metamask.

The author claims that these apps often act as phishing apps or fake wallets where you do not really have the private keys at all. What surprised me most, is that apparently, these apps were created using a drag & drop builder, that required close to zero programming knowledge …
member
Activity: 554
Merit: 11
December 08, 2018, 11:28:12 AM
#17
Hello,

Thank you for your opinion. We believe it is a matter of personal choice which kind of wallet to use.
We've been providing our service to millions of users throughout the world quite for long. Had we short-term and "dark" goals, we'd leave this market a long time ago.
BTW, our apps are qualified for the Apple Store, too, with a so far good rating.
Every active service is receiveing hundreds of complaints a week and can be often referred to as a "scam" one.
We are always ready to face each individual complaint and resolve it.

Hi. First off, I'm definitely not saying that you're a scam or something, as I haven't tried using your service.

With that said, I'm pretty sure even your service is receiving a good amount of complaints due to accounts getting locked for whatever reasons(due to the complaints I've read in the past on Reddit r/bitcoin and r/cryptocurrency), not only other wallets. Not sure right now though, as I barely visit Reddit these days.

I'm afraid only we can know if the person spamming on BitcoinTalk, Reddit and other social media has been suspected and found in illegal activity and hacking attempts. Attracting attention is also technique hackers, black PR employees, etc use to spam other services. For example, there is an account on Reddit who's posted about 20 posts attracting attention to his 'account block' but after people saw that his story was different every time, he lost credibility. This is just one of the cases.

What makes Freewallet and our support team different is that we strive to find every user complaint or report and follow up on it.
In conclusion, big titles are big on attracting attention but only in comments you will see a resolution.
full member
Activity: 406
Merit: 102
December 08, 2018, 11:21:22 AM
#16
It's a good idea to bring this up.

It is really easy to get lulled into a false sense of security.  Hey, it is on the official app store,  must be safe, right??         I don't use mobile wallets, but if you do - just go straight to the source,  make it a secondary wallet and only put the crypto you intend to use for that day on it.       That's the only way to minimize your risk.
mk4
legendary
Activity: 2870
Merit: 3873
Paldo.io 🤖
December 08, 2018, 08:50:19 AM
#15
Hello,

Thank you for your opinion. We believe it is a matter of personal choice which kind of wallet to use.
We've been providing our service to millions of users throughout the world quite for long. Had we short-term and "dark" goals, we'd leave this market a long time ago.
BTW, our apps are qualified for the Apple Store, too, with a so far good rating.
Every active service is receiveing hundreds of complaints a week and can be often referred to as a "scam" one.
We are always ready to face each individual complaint and resolve it.

Hi. First off, I'm definitely not saying that you're a scam or something, as I haven't tried using your service.

With that said, I'm pretty sure even your service is receiving a good amount of complaints due to accounts getting locked for whatever reasons(due to the complaints I've read in the past on Reddit r/bitcoin and r/cryptocurrency), not only other wallets. Not sure right now though, as I barely visit Reddit these days.
member
Activity: 554
Merit: 11
December 08, 2018, 06:33:51 AM
#14
Hello,

Thank you for your opinion. We believe it is a matter of personal choice which kind of wallet to use.
We've been providing our service to millions of users throughout the world quite for long. Had we short-term and "dark" goals, we'd leave this market a long time ago.
BTW, our apps are qualified for the Apple Store, too, with a so far good rating.
Every active service is receiveing hundreds of complaints a week and can be often referred to as a "scam" one.
We are always ready to face each individual complaint and resolve it.
mk4
legendary
Activity: 2870
Merit: 3873
Paldo.io 🤖
December 07, 2018, 07:09:56 PM
#13
Yes not all apps are free of viruses, and is recommend to use the most used apps that have not any problem or scam accusation and if want store large amounts better invest in hardware wallet, i think is the safest way to secure your money and not cost a lot. Better stay safe than losing all earned money.

Freewallet counts 3million users + across its platforms. Right now, I wouldn't even know a wallet with such a great database without both positive and negative feedback. Providing such an extensive service exposes us to competition but we are happy to take it on and provide the best service in the market.  Wink

Hi. I'm not talking about security here. I'm mostly talking about account access or access to funds. FreeWallet doesn't provide their users their wallet's private keys, which is a huge drawback and defeats the purpose of "being your own bank" with bitcoin, or cryptocurrencies in general.
legendary
Activity: 3234
Merit: 1375
Slava Ukraini!
December 07, 2018, 06:53:06 PM
#12
Good topic, OP. This is a serious problem nowadays. There are lot fake wallets in Google Play store. The problem that is very easy to upload app to Google Play - you only have to pay $25 sign up fee. These apps don't even have to checked by Google staff. iOS is better at this aspect because it's more difficult to upload apps to their store.
But it's not that difficult to spot fake wallet. Usually original wallet are shown at the top of search results. Original wallets usually have large number of downloads and many reviews, while one of indicators of fake wallet is small number of doenloads and reviews.
Freewallet uses an account verification procedure to prevent hacking attempts and money laundering. We have an excellent track record of blocking accounts used for illicit activities and we will keep improving our security algorithm.

If you have not been suspected in any illegal activity, you are more than welcome to use Freewallet.
Centralized wallet which can seize users money if they find something what they don't like - this is what we really need. IMO, such wallets aren't much better than these fake wallets mentioned in this topic.
If we're talking about Android apps, then we can say, that probably none app is safe. Android has so many gaps in the system that every good hacker will have no problem getting into your mobile wallet.
Tell us more about what exactly you're talking. Or it's just whataboutism from Apple fan?
sr. member
Activity: 585
Merit: 251
December 07, 2018, 02:45:55 PM
#11
If we're talking about Android apps, then we can say, that probably none app is safe. Android has so many gaps in the system that every good hacker will have no problem getting into your mobile wallet.
member
Activity: 280
Merit: 14
December 07, 2018, 01:21:25 PM
#10
Yes for sure infact not everything on the internet is safe but I would say our best option would be play store or apple store.

But it's best to get app from the original source but they might direct you to stores so that you can be able to get them

legendary
Activity: 2184
Merit: 1302
December 07, 2018, 01:19:03 PM
#9
It's always necessary to go through customer reviews before downloading an app to see if previous customers have had issues with such applications or if there are numerous scams accusations,that way such Info gets you to stay away from downloading through that source.
copper member
Activity: 2170
Merit: 1827
Top Crypto Casino
December 07, 2018, 01:07:12 PM
#8
Ya, that's right bro many app in appstore is not trusted. Safe way to check it, you can download in their website. I always download any app wallet on their website, because its will redirect to their app. Sorry for my bad english   Grin
I think what OP was trying to mean is that always try to download wallets apps or get download links from the coin's official websites like for bitcoin, you can get download links from The bitcoin project's official site: https://bitcoin.org
If it is an Ethereum wallet you want to download, you can get the download link from the Ethereum project's official site: https://www.ethereum.org

Same thing for Exchange apps, If it's a binance app, get the download links directly from the official website which is https://www.binance.com/clientDownloads.
This way you avoid landing on fake apps.
I hope you now understand
member
Activity: 554
Merit: 11
December 07, 2018, 01:05:12 PM
#7
Yes not all apps are free of viruses, and is recommend to use the most used apps that have not any problem or scam accusation and if want store large amounts better invest in hardware wallet, i think is the safest way to secure your money and not cost a lot. Better stay safe than losing all earned money.

Freewallet counts 3million users + across its platforms. Right now, I wouldn't even know a wallet with such a great database without both positive and negative feedback. Providing such an extensive service exposes us to competition but we are happy to take it on and provide the best service in the market.  Wink
member
Activity: 554
Merit: 11
December 07, 2018, 01:03:16 PM
#6
Ya, that's right bro many app in appstore is not trusted. Safe way to check it, you can download in their website. I always download any app wallet on their website, because its will redirect to their app. Sorry for my bad english   Grin

A perfect example here would be FreeWallet; they control your private keys, and I've heard a lot of complaints everywhere of people having their funds locked.



Freewallet uses an account verification procedure to prevent hacking attempts and money laundering. We have an excellent track record of blocking accounts used for illicit activities and we will keep improving our security algorithm.

If you have not been suspected in any illegal activity, you are more than welcome to use Freewallet.
hero member
Activity: 1414
Merit: 516
December 07, 2018, 12:48:37 PM
#5
Yes not all apps are free of viruses, and is recommend to use the most used apps that have not any problem or scam accusation and if want store large amounts better invest in hardware wallet, i think is the safest way to secure your money and not cost a lot. Better stay safe than losing all earned money.
mk4
legendary
Activity: 2870
Merit: 3873
Paldo.io 🤖
December 07, 2018, 11:34:41 AM
#4
Ya, that's right bro many app in appstore is not trusted. Safe way to check it, you can download in their website. I always download any app wallet on their website, because its will redirect to their app. Sorry for my bad english   Grin

Downloading an app on their official website doesn't automatically mean that the app is safe. You could download the app from it's own website but could end up being a fraud app to start with. So what do you do? Do research on the app that you're planning on using, and take a look at the top alternatives instead. I really don't suggest risking using the newer apps unless it's open source and you can audit the code yourself. A perfect example here would be FreeWallet; they control your private keys, and I've heard a lot of complaints everywhere of people having their funds locked.

legendary
Activity: 2702
Merit: 4002
December 07, 2018, 11:13:35 AM
#3
Prevention is better than cure, do not download any application unless you need it.

 - Check the link multiple times: Clicking or unverifying links makes you download harmful apps.
 - Check out what's paste: Any URL you copy can be changed to malicious addresses.

There are lots of tips but knowing them will save you from losses.
jr. member
Activity: 304
Merit: 5
December 07, 2018, 08:03:33 AM
#2
Ya, that's right bro many app in appstore is not trusted. Safe way to check it, you can download in their website. I always download any app wallet on their website, because its will redirect to their app. Sorry for my bad english   Grin
copper member
Activity: 2114
Merit: 1814
฿itcoin for all, All for ฿itcoin.
December 06, 2018, 02:47:38 PM
#1
Most of us trust app stores such as google playstore while knowing that all the apps in there are verified, safe and don't have any malicious intent on our private information and funds but this is not always true.
These app stores are a sea of good and bad apps. Therefore extra steps must be taken to safeguard your funds and other sensitive information.

Time and time again I have seen articles like this Ethereum Scam App Appears on Google Play Store, Malware Researcher Reports and I just thought may I would try to alert some users here about it and how you may avoid being a victim

Am gonna look at majorly Wallets and Exchange apps. Of course, this can stretch out to other apps like trade signal apps, price alerting apps but they are not as damaging as the first two.


A. FAKE WALLET APPS

These are created with the intent to;
1. Lure you into importing your address in them thereby giving the hacker behind the wallet your private key or mnemonic phrases. The hacker later uses your private key to access your account and withdraw all the cryptos in it

2. Generate for you a public and private key which the hacker already knows, as soon as you send your digital assets into your new wallet, the hacker just withdraws it since he has access to the private key

A classic example of such fake crypto wallets is this:

 


B. FAKE EXCHANGE APPS

This is common especially with exchanges that are re-known in crypto trading but have no official app. Exchanges like Bittrex, Coinexchange,
Kraken, HitBTC etc
Time and time again, fake apps keep popping up in google playstore. However, on my recent check, I found out that most of them had been removed from the app store
These are created with an intent to phish your login details so that they can easily access your trading account and steal whatever asset you have kept in your exchange wallet.




How to avoid being a victim

1. Get Download links only from Official websites.
Always try as much as possible to download Exchange and Wallet apps from official site links to avoid landing on fake apps in playstore. For example, once you visit the official NEO website, you will be able to see Official and authentic wallets under the client tab; https://neo.org/client
For bitcoin's case, you can easily get your favorite wallet through the "Choose your wallet" tab which can easily be seen on the Official bitcoin Website; https://bitcoin.org/

How to get official project/coin website links?
coinmarketcap is your friend here.



2. Look at the number of downloads
If the downloads are so few, do not download. Authentic apps usually have so many downloads, at least 1000+

3. Look at the reviews
i.   So many reviews mean the app is being used by so many real users, fewer reviews could mean fake reviews.
ii.  Only positive reviews throughout is a red flag, someone is trying to make their app look good to use.
iii. Burst reviews(so many reviews at only a certain period of time) can also mean fake reviews

4. Enable 2 Factor Verifications for all your exchange accounts and emails
This will make it hard for the hacker to get into your exchange accounts and emails.

Be safe with your cryptos folks.
Jump to: