If you’re going to download apps for your smartphone or tablet, we always recommend getting them from official app stores. That’s because Apple’s Apps Store and the Google Play Store for Android have vetting systems in place that help prevent unscrupulous developers from tricking unsuspecting users into installing shady apps.
Even though app screening does cut down on malicious apps making their way into official app stores, it’s not a perfect system. Sometimes one does slip by.
That’s exactly what recently happened. A malicious app that could rip you off made its way into the Google Play Store.
‘Clipper’ malware found in Google Play Store
Have you ever heard of “clipper” malware? It’s used by cybercriminals to steal information saved to your gadget’s clipboard.
For example, if you’re signing into a website with a super-strong password made up of a bunch of letters, numbers and characters that would be difficult to type, most likely you’re going to copy the password from a saved location and paste it onto the site. Copying the password actually means it’s being saved to your device’s clipboard.
That’s when clipper malware can be dangerous. If your devices are infected with this type of malware, it can be used to steal whatever you save to your clipboard.
Researchers at Eset recently discovered a malicious app that spreads clipper malware in the Google Play Store. It was disguised as an app for a legitimate company called MetaMask.
MetaMask is a browser extension that can be used to transfer cryptocurrency into your digital wallet.
But here’s the problem. The MetaMask app found in the Google Play Store was a fake. MetaMask doesn’t currently have an app. At the moment, it’s only a browser extension for Chrome, Firefox and Opera. Anyone who downloaded this fake app had their gadget infected with clipper malware.
According to the researchers who discovered it, the malware was used to steal a victim’s credentials along with private keys to get control of their Ethereum cryptocurrency funds. But that’s not all.
Another devious feature of this malware impacted digital wallets. If an investor were to copy their wallet address to the clipboard, the clipping malware could replace it with one that actually belongs to the criminals. So you’d end up transferring funds directly into the crooks’ account.
This would work for both Bitcoin and Ethereum cryptocurrency. Yikes!
Situations like this make it critical to avoid malicious apps. Keep reading for suggestions from Google.
Stay protected from malicious apps
As we said earlier, none of the app stores is foolproof. Every now and then, a malicious app will sneak past the screening process.
For Android users, Google suggests following these steps to help stay protected:
Pay attention to reviews
Most popular apps will have reviews by other users in the app store. You can sometimes find reviews by experts online. These are helpful at pointing out malicious or faulty apps. If you find a review warning the app is malicious, do NOT download it.
Check the app’s developer
Verifying the name of the app developer is important. Copycat apps will have a different developer’s name than the actual one. Before downloading an app, do a Google search to find the original developer.
Make sure your operating system is up to date
Make sure your gadget is updated with the most recent Android security update. You’ll get these security updates in regular operating system updates. It’s a great way to patch vulnerabilities.
Avoid third-party apps
Only download apps from the Google Play Store. Even though some malicious apps make it into the Play Store, like this latest incident, it does have a more thorough screening process. This cuts down on the chances a malicious app makes it in. Third-party app stores don’t have these screening processes.
Google Play Protect
One way to stay protected is to opt into Google Play Protect. It is designed to work in the background, protecting users from malicious apps in real time. Click here to learn more about it and how to opt in.