Google Play has once again caused security concerns in the cryptocurrency community, with the discovery of a Malware named “Clipper,” making the rounds on the application store.
“Clipper” was first seen in an impersonation of MetaMask, a full-browser extension that allows a web-browser to run Ethereum applications without the full node. The malware keeps a track of the copy-paste clipboard in the affected system and corresponds those values to the alpha-numeric code of the user’s cryptocurrency address. Since the address is quite complicated, several users use the copy-paste shortcut to enter the code, the same is the target of the malware.
After the address is identified whilst on the device’s clipboard, the hacker will replace the original address with his own, if this swap is not detected, the cryptocurrency in the said transaction will flow to the hacker’s account.
Clipper was the first known malware application of this sort to breach Google’s robust verification procedure; the application was eventually picked up by Eset, a cybersecurity company.
Since cryptocurrencies are dependent on technology and large-scale investment, they have been the easiest target for malicious actors who curate a phony-technology that can circumvent a user’s computer and security system in place, and steal their cryptocurrencies right off their device.
Moreover, instead of stealing the actual cryptocurrency, malicious software has been created to steal the computational power off a device, which will allow third-party users to use the device to mine cryptocurrencies, a process called, “crypto-jacking”.
Popular websites like the file-sharing giant, The Pirate Bay, used the web browser miner called CoinHive to ‘crypto-jack’ their customers’ home devices. Some users felt cheated about the mining scam, others were compliant if they received a service and were informed about the same by The Pirate Bay, right at the outset.
A recent report by the Moscow-based computer security software maker, Kaspersky Labs, stated that the crypto-jacking incidents have increased by 400 percent just in the whole of 2018. The study noted that the total number of reported cases have shot up to 13 million, in 2018, an increase of 400 percent against the 3.5 million cases recorded in 2017.
The Bitcoin mining device manufacturer, Bitmain was also accused of creating devices that would mine cryptocurrencies on behalf of the company and not the intended user. A miner based out of California even filed a class-action lawsuit against the manufacture accusing the company of using their ASIC devices of defrauding customers. The lawsuit was filed by a Gor Gevorkyan, an owner of an Antminer 9, who stated that the default setting on the device contributes to Bitmain’s own account on its Antpool server.
Another report from the security firm Symantec stated that based on data of December 2017, 24 percent of all web attacks emanate from Coinminers and over the last three months of 2017 alone, the figure was 16 percent. The report added:
“There were twice as many detections of coinminers on consumer machines than enterprise in December, when browser-based coinminers surged, indicating that coinminers are affecting consumers more than enterprise users.”