Malware Impersonating MetaMask Removed From Google Play

The decentralized app (dApp) MetaMask was facing some issues the other day after cryptocurrency scammers put up malware that impersonates the dApp on Google Play according to the reports that reached our crypto news today from cybersecurity company Eset.

The malware was working in a way that it replaces the computer clipboard information and trying to steal your cryptocurrencies at the same time. However, it got removed by Google just as February started after the Eset researchers warned Google about the possible attack.

The name of the malware was ‘’Clipper’’ and was able to replace the copied crypto wallet addresses with another address that belongs to the attacker with the goal of obtaining the funds that would eventually have been sent somewhere else without the user noticing.

This is one of the first time malware such as this one was used and successfully passed the Google vetting procedures according to the cybersecurity company. Eset pointed out:

 “The clipper we found lurking in the Google Play store, detected by ESET security solutions as Android/Clipper.C, impersonates a legitimate service called MetaMask. The malware’s primary purpose is to steal the victim’s credentials and private keys to gain control over the victim’s Ethereum funds. However, it can also replace a Bitcoin or Ethereum wallet address copied to the clipboard with one belonging to the attacker.”

MetaMask is one of the oldest ethereum-based decentralized applications and has a victim of multiple scam attacks before. Last year, a couple of Google Developers removed the app from the play store but it later turned out that was a mistake.

Back in November 2018, MetaMask announced its plan for launching a mobile app and got another set of malicious attacks after the announcement.