McAfee uncovers Android malware targeting crypto wallets

It is impossible to overstate just how important a crypto user’s wallet is to them. In the same way our bank accounts are used to take care of virtually all of our financial responsibilities crypto wallets are vital for the ever-growing use cases of digital assets.

Take gambling, for instance. More people gamble with cryptocurrency than ever before and users have to connect their wallets to the crypto casinos they use or transfer their tokens. After they finish playing, the wallets are then used to store their earnings. All this is before we consider crypto being traded speculatively, used to buy products, and so on.

Needless to say, crypto wallet security is very important and the financial stakes of wallet compromise only goes up each year. But according to new research from McAfee, there is a new malware that targets crypto wallet users with Android devices.

Wallets at risk

These new malware, the study found, make their way onto users’ devices by disguising themselves as legitimate apps. These include utility, banking, and even streaming apps and once unsuspecting users download them, they begin to work in the background looking for recovery phrases. They are usually spread through direct messages on platforms like Instagram where a user is directed to a seemingly legitimate website. When on the website, they’ll be prompted to download an app claiming to be something else.

image1

Anyone who’s downloaded an app will know that you often have to give permission for it to access certain content on your device. These apps ask for permission to access things like contacts, photos, messages, and so on. The goal of this request is to access the users’ recovery phrase.

In the world of crypto wallets. Recovery phrases are a collection of words that a user can use to recover their account if they forget their password. Naturally, many users write down these phrases on their phones for safekeeping, which makes them a target for malicious actors. These malware scan the devices looking for pictures with 12 to 24 phrases written on them and try to copy these phrases.

Should the malicious actors gain access to these phrases, they can enter the users’ wallets and then steal their funds if they want to. And because the wallet would have been accessed via the recovery phrase, the user usually has no way of getting recourse.

“In such a landscape, it is crucial for users to be cautious about their actions, like installing apps and granting permissions. It is advisable to keep important information securely stored and isolated from devices. Security software has become not just a recommendation but a necessity for protecting devices,” McAfee says.

The issue of crypto theft

As crypto only becomes more valuable and popular, we will see scammers create different methods to steal from consumers. This report from McAfee highlights the latest but not the last one. Law enforcement and crypto stakeholders will have to adapt to protect themselves and their money.