• Cryptocurrency is the new buzz in the world of investing
  • People inspired by stories of successful investors are lured to invest in digital tokens
  • Malicious attackers target new cryptocurrency investors, especially those who don't have crypto wallets

A new sophisticated scheme involving iOS and Android apps posing as crypto wallets and targeting new cryptocurrency investors has been uncovered by an internet security company.

ESET, the internet security and antivirus maker firm, reported a complex cryptocurrency scheme that has been targeting iOS and Android users since May 2021. Malicious actors reportedly stole digital assets, tokens and owners' info using the malware.

In its research, the security firm detailed how easy it is for malicious actors to ride the wave of crypto buzz to lure new victims.

The antivirus firm uncovered dozens of iOS and Android apps that actually look like legit crypto wallets, but are, in fact, carriers of malware payloads. These fake apps reportedly impersonate Coinbase, Trust Wallet, Metamask, imToken, TokenPocket, BitPie and OneKey, and are distributed via sketchy websites that seem trustworthy.

This illustration photo shows the Coinbase logo in the background as a person checks cryptocurrencies prizes on a smartphone in Los Angeles on April 13, 2021
This illustration photo shows the Coinbase logo in the background as a person checks cryptocurrencies prizes on a smartphone in Los Angeles on April 13, 2021 AFP / Chris DELMAS

Moreover, these fake crypto wallets copy the official advertisements used by Coinbase, Metamask and other legitimate blockchain wallets to appear legit. Hackers also use misleading articles to promote sketchy websites that distribute fake apps.

Cybercriminals also used intermediaries to expand their reach on Telegram and Facebook to target unsuspecting users and lure in more victims. Researchers noted that these actors communicate in Chinese, and use messaging apps like Telegram to look for affiliates who would help them spread the malware.

Moreover, ESET revealed there are some Facebook groups that share step-by-step tutorials, complete with videos, screenshots and links, on how the fake crypto wallet works and how actors steal crypto from victims.

"These malicious apps also represent another threat to victims, as some of them send secret victim seed phrases to the attackers’ server using an unsecured HTTP connection. This means that victims’ funds could be stolen not only by the operator of this scheme but also by a different attacker eavesdropping on the same network," the security firm explained in a blog post.

According to ESET, malicious apps behave differently on iOS and Android. The fake apps target new crypto users that do not yet have a wallet app installed on their Android devices. On iOS, victims could install both the faked apps and the legitimate crypto wallet.

Cryptocurrency is a booming industry with many users flaunting their wealth and advertising they have struck gold in digital assets. Many users are curious and want to try their luck in crypto. While many are attracted by the sparkle of the "new gold," malicious attackers see the influx of investors as a new opportunity to exploit unsuspecting victims.

For new investors looking for a reliable crypto wallet, the only place to download them is on Apple App Store for iOS users and Google Play Store for Android users.