Anti-virus company ESET announced the discovery of it professionals new malicious apps in Google Play. The program was disguised as a legitimate cryptocurrency services and was intended to steal user credentials. Forgery imitated the official services of the NEO, Tether and MetaMask for users of the cryptocurrency.
Application MetaMask (a wallet for cryptocurrency Ethereum) acted according to the classic phishing scheme. After installing and running, the user was asked to enter the private key and password from your cryptocurrency wallet – these data are then at the disposal of the intruders.
The Second scheme, the fake purses, acted as app NEO and the Tether created by the same author (group of authors). Real cryptocurrency wallets to generate user private key and a public address to transfer funds. Forgery instead show the user a public address of the wallet of the attacker. The cryptocurrency is translated to this address, it is impossible to return without the private key, access to which is only at the intruders.
Fake applications created using the widely available designer mobile application that allows you to "collect" such a program without special knowledge and skills.
After treatment specialists ESET malicious applications were removed from Google Play.