Bitcoin Forum

A new Trojan horse malware is trying to steal fiat and crypto assets, the Next Web writes. The malware called “Gustuff” is designed specifically for Android phones, targeting customers of big international banks and cryptocurrency exchanges.

https://www.theblockcrypto.com/tiny/cryptocurrency-and-banking-apps-targeted-by-new-android-malware/

Cryptoocurrency apps have been targets, including Coinbase, BitPay, and Bitcoin Wallet. The malware also targets JPMorgan, Wells Fargo, and Bank of America clients, as well as payment systems and messenger services.

Group-IB discovered Gustuff spreads via SMS messages. It provides links to “malicious Android package kit files,” using contact lists to spread from user to user. Group-IB advises users only download apps from Google Play.

Of course anyone who will act dumb deserves to get scammed as this will help them to keep them aware of future scams and keep them safe. Downloading random stuffs from an unknown third party source is always risky and no one should actually do this. These all are just basic common sense.
And if you are using online wallets like coinbase, then please stop using those wallets. You are prone to getting scammed/hacked!

This is like saying "if you forgot to lock your door, you deserve to get robbed and murdered". A huge percentage of the population, especially the eldery and people with poor education are not very tech-savvy, and it's unrealistic to expect from everyone to know how malware and OS's work and to know all security best practices. It is the duty of all software developers to make their programs as resistant to malware as possible. Blaming the user doesn't work in the real world, because users will just stop using the product.

This kind of strategy through SMS is an old strategy to spread a virus like on Symbian OS Nokia series before it may spread a virus that may damage your phone or monitor all of your activity like a keylogger. So it isn't possible to happen too in Android OS that may steal all of your crypto assets.

That is why if you receive something suspicious on SMS don't click it instead use a 3rd party apps that may block the number and mark it as spammy.

Also, beware of using clone Android phones or any MTK or Dragon CPU based phones because they don't have protection compared to original phones like Samsung. Also, don't root your phone because if it's rooted the virus can easily bypass your security remotely and steal your sensitive information.

And not only SMS, same with mail, chats or any other social network/communication platforms.

A phishing link could spread in a lot of ways not only that, even from an infected friend or a hacker impersonating your friend's email, for example by using something that looks alike or has the same name. Since with the things we do often we tend to not look too carefully into it.

It's surprising how many changes we could miss when they are inside the house we live in for example.

It's not only users responsibility to protect themselves against malware viruses as developers of an app should take care of that by creating a secure system that protects their customers money. People can't do much against malware programs because most of the times they came from where you expect less and it's almost impossible to notice that your device was infected with a malware.
You can't just tell people to stop using this wallets becaude this would mean stop using bitcoin wallets at all since every single wallet is targeted by hackers.

It is not surprising to see many scam attempt through malware and it is obviously user's responsibility to keep their assets safe. Downloading app from Google Play is not 100% safe as there can be copied version of the original application although most of the time google play will delete it once they copied version is detected as bad app. We have to make sure that we are downloading the original/official application but it is still better not to use android application to store our assets.

For software wallets, I always suggest using a mobile phone instead of a computer, but unfortunately smartphones are slowly but surely closing up to computers in terms of how frequent it's being targeted by malware and viruses. Regardless, another perfect reason to not be cheap and invest in a good and reputable hardware wallet.

Mostly for monetization purposes, but not necessarily stealing money. Some are for botnet usage, spreading PPC links, etc.

This is the part that i always get worried about as a partly tech-savvy user. For example, I understand the dont's:
1. Shouldn't download anything other than apps appearing on Google Play.
2. Don't click on random SMS links.

Now this part in the TNW article is scary:

I have a few questions in this regard:

1. Can these "Push notifications" appear without you doing any of the two activites i listed above? If yes then how?
2. What kind of vetting process do apps "verfied" by Google Play go through. For example, A few days back, i installed some third party crypto-wallet on mobile (being offered by some ICO based company, CELER network i think, worked like crap so uninstalled). Now, what risk do i run considering that these apps aren't open-source?

I remember gmaxwell posting somewhere that it is best never to install any closed source applications when it comes to crypto-wallets.

I don't mind if the malware targets JPMorgan as the next victim oooppss ;D

Joking.

But yes, crypto user installed so many apps in their android because they want to know a new app that could help them to make money. In the Google Playstore, itself cannot always protect the user, and it's the responsibility of each user to protect their android.
The review on the apps software doesn't guarantee that the apps are very good because we don't know who the user is, so make sure to be careful when you want to install any apps in your android.

We can use SU manager to block apps. Use Magisk Manager and you're good to go because most of the time they'll notify you if there is an apps requesting for root access. I personally root my phone and always be careful when I download apps from the internet.

SMS spam is more dangerous than the oldschool email spam,because people tend to trust more SMS messages(and there aren't any SMS spam filters,AFAIK).However,I would never download and install any apps that aren't listed on Google Play(an app being listed on Google Play isn't a safety guarantee though).

That is why I don't click or download thing that is suspicious. You need to be more cautious nowadays, you will be at risk if you keep playing dumb when someone sends a link to you.

I'm an Android user, and unfortunately the disadvantages of using Android's open source software store carry a lot of risk for us. I'm especially careful not to put too much sensitive content on my phone, but this protection can be effective.

I am about to buy new hardware wallet because of this problem.

Creating malwares seem to be easier way to earn crypto, and it is easy to create malware than working in a successful ico, it’s very positive to me the malwares can be a hype soon.

step 1)  ENCRYPT YOUR PHONE
step 2) Verify software sources
step 3) use long alphanumeric passphrases (add special characters if possible)
step 4) Encrypt/Passphrase protect EVERYTHING
step 5) use a cold storage solution for large funds, only keep small amounts on connected devices

What in the world are you talking about? Are you trying to encourage people to develop malwares in order to steal money? This is like telling people that it is easier to rob an ATM than work in a day job for 8-10 hours. Think before posting such nonsense.

Coming to the topic, mobile wallets were never that secure in the first place which is why paper and hardware wallets are much better solutions in this regard.

I know we all can't be truly careful this day of improved high tech. To curtail all these one should only download certified app (that's apps rated at least 4+) from the Android playstore (If one uses Android, that is). This is what I do. I like to read reviews on apps before downloading and installing them.

Actually, trusting an app within Google Play isn't enough. It is an old story that Play Store is bloated with a malware application. I don't know for sure why Google let this happen.

AFAIK, about the application listing on the Google Store, I don't see any effective technologies being used to overcome any malware application being listed, For sure it could be the reason why it fulls with malware apps.

Anyway, the recent Android OS security system already has a good practice. The user is informed about all application activity that required to use anything contained private action, and the user decides to allow it or not.

This is the same as the other phishing scams, such as that fake Electrum wallet that too many forum members fell for, people dumb enough to lose half or even a million dollars by doing the most ridiculous thing: Trusting a rogue download link. And as long as the world has such dumb people around, so will phishers exist. I mean, How many here are still using windows with their wallets? No wonder this still happens.

Too lazy to use Linux (https://mxlinux.org/), too lazy to make a paper (cold) wallet, too lazy verify a download link, too lazy to check a program signature or cryptosum, too lazy to put large funds into the cold wallet and only keep the spare change in the hot one, etc.

Well, it can be an easier way to make money, but it doesn't automatically mean that you should, unless you're an ultimately shitty person that's a total waste of oxygen.

I mean, where have you been though. Malware and viruses have existed to do mostly shitty stuff since forever.

I think we dont have to trust easily in that app. You don't to believe that you can warn in using of that. Not because it will be launched by appstore by android you can truely earn ir benefited. Think first that even a bitcoin who live in a decade there is something that did you did not like or something that did not gives any benefits to you. It is good to try something new but be careful.