Three fake Bitcoin applications were recently removed from Google Play after security researchers discovered they were tricking users into sending funds to their developers, mobile security firm Lookout has discovered.
The impressive increase in Bitcoin value over the past several months has stirred interest from individuals worldwide, including cybercriminals. The number of attacks involving the cryptocurrency has increased recently, and it appears that they moved to mobile as well.
Detected as PickBitPocket, the rogue applications in Google Play were designed in such a way that they provide the attacker’s Bitcoin address instead of the seller’s. The malicious programs registered a total of up to 20,000 downloads before Google removed them from the application storefront.
Basically, when attempting to buy goods or services from an Android device where a PickBitPocket wallet app is installed, the user ends up routing the Bitcoin payment to the attacker.
The three fake Bitcoin apps, Lookout reports, included Bitcoin mining, which had between 1,000 and 5,000 installs at the time it was removed, Blockchain Bitcoin Wallet – Fingerprint, which had between 5,000 and 10,000 installs, and Fast Bitcoin Wallet, with between 1,000 and 5,000 installs.
“As Bitcoin captures broader interest, this means more people may be purchasing the cryptocurrency, or looking for mobile wallets to store their coins. Individuals should be vigilant in choosing a secure wallet and should also have a security solution in place to identify malicious activity on their device,” Lookout concludes.
Related: Android Malware Steals Data from Social Media Apps
Related: Multi-Stage Android Malware Evades Google Play Detection
Related: Android Malware Exploits Recently Patched ‘Toast’ Flaw