There are now more cryptocurrency owners and crypto casino players than ever before. Cryptocurrencies such as Bitcoin and Ethereum have allowed people to pay anonymously for goods and services and helped to reduce fears of fraud and data breaches.
However, it can sometimes be less secure than you may first think, as many e-wallet users found out last week. An app, hosted on the Google Play Store, has been pulled after it was found to be stealing currency from its users.
This has been a wake-up call for many crypto users, but there are plenty of ways you can keep your cryptocurrency safe.
Read on to find out more about this malicious app and what measures you can take to make sure your crypto funds are being stored securely.
How Did the App Steal from Users?
The app, which had been downloaded by many from the official Google Play store, was impersonating a legitimate wallet service called MetaMask.
Instead of keeping their cryptocurrency safe, however, this fake app was hijacking the users’ clipboard feature. This meant that when users tried to send their tokens to their crypto address, they would be pasting in the hacker’s address instead.
This kind of malware is called ‘clipper malware‘, and it’s the first time this sort of program has been found in a seemingly-trustworthy Android app. It serves as a sad reminder that crypto users must always be wary about what software they trust.
What are Crypto Addresses?
If you own cryptocurrencies and have a crypto wallet, then you’ll have a ‘crypto address’. This is a bit like a banking sort code and account number: it’s a unique code which directs the money to your account.
These addresses, however, are usually very long strings of numbers and characters. This means that users ten to copy and paste the addresses, rather than typing them out each and every time they make a transaction.
Moreover, many e-wallet apps give users a one-time address. A new address is generated every time the user opens the app, as a security feature, making it very difficult to recognize a fraudulent address.
The Real MetaMask App
As we’ve just mentioned, this app managed to gain traction with users as it was masquerading as the legitimate wallet service, MetaMask.
The service is one of the most reputable brands around, which specializes in making Etherum transactions hassle-free. It allows users to run decentralized apps via a browser add on, yet currently, the service has no mobile app.
In response to this story, MetaMask tweeted: ‘We would appreciate it if @GooglePlayDe would reserve trademarked names for apps, especially repeat phishing targets like us‘.
It seems the blame here may lay at Google’s feet, who clearly aren’t doing enough to prevent fake apps from appearing in their Play Store. But if we cannot trust the big brands to only supply us with legit options, then what can we do to keep our currency safe?
How to Keep Your Cryptocurrency Safe
If this story has got you worried about your own cryptocurrency security, then it’s probably a good time to start thinking about what extra measures you can take to ensure your funds are stored safely.
Below, we’ve listed some top tips to keeping your cryptocurrency safe when making online transactions and playing at crypto online casinos.
- Always store your cryptocurrency in a hardware wallet – also known as cold storage. This allows you to keep your currency away from the internet, and therefore, away from malware, hackers and viruses,
- If you need to put your currency online (to make a casino deposit, for example), always make sure you are doing so through a reputable brand. Check out reviews first and make sure you download software from official sources, such as the brand’s own website.
- Always make sure your antivirus software is up to date and running before making a transaction. Moreover, if you’re making a lot of crypto transactions, you may want to look at upgrading your antivirus software.
- Always look at the addresses to which your sending your currency. Ideally, you should never copy and paste an address, and always type it out manually. It may take longer, but it could save you time and money in the long run.
How to Spot a Fake App
Sadly, fake apps aren’t new to the Google Play store. There have been many reports of people creating listings designed to look exactly like popular apps, which then bombard users with ads or malware.
The good news is that this epidemic means that there’s already plenty of advice for spotting fake apps. Below we’ve listed some top tips and tricks which you can employ to make sure you’re only ever downloading the real deal.
Browse Search Results Thoroughly
If you use the Play Store to find apps you wish to install, then always take a few seconds to look at all the search results carefully.
Fake apps will use the same icon as the real app, and so you should always proceed with caution if you see the same app icon more than once.
Check the App Name and Developer
Always make sure to look closely at the app’s name and developer. Fake apps will use the same name as the real app, yet will often add an extra word. For instance, a fake Whatsapp scam once tricked users into downloading their product by calling the app Whatsapp Update.
The next step is to check out the app’s developer. Whatsapp, for example, is created by Whatsapp Inc. If another name is shown, it’s a fake.
Check the Download Count
In the Google Play Store, you can always see how many other users have downloaded the app. This is a good indicator of whether an app is real or not, as the fake will usually have far fewer downloads.
The Facebook app, for instance, has been downloaded over 1 billion times. This means that if you see a version of the app which only boasts 1,000 downloads – it’s definitely not the real deal.
Look at the Descriptions
Real app developers put a lot of time and effort into creating appealing descriptions. They provide a clear summary of what their app does and most use good grammar, spelling and formatting.
If an app’s description feels shady, it probably is. You wouldn’t buy a t-shirt which said Hugo Bass instead of Hugo Boss and think it was the real thing would you? The same logic applies when downloading apps.
Read the App Reviews
After you’ve checked out all of the details listed above, the next step is to read some of the reviews.
Fake apps will, of course, also have fake reviews but its likely that there will also be some real reviews from other users who have been tricked into downloading it.