Even though Google has been cracking down on malicious
cryptocurrency apps for years, it seems that another cryptocurrency app has been able to slip through the review process.
Once the
malware is installed, it silently waits in the background for the opportunity to make its move. When the user opens an app like
Binance, the malware creates an overlay that is placed on top of the legit app. As the user enters their credentials, the information is recorded and sent to the phishers.
The app has been removed from the
Google Play store. Malwares like these are hard to spot as the app does work as advertised. Stefanko has said that users should check the rating and reliability of the app publisher and stick with apps that are verified to ensure security.