‘Easy Rates Converter’ Phishing Scam for Crypto Login Credentials Found on Google Play App
One of the most common ways for hackers to steal information from cryptocurrency investors is with phishing scams. Even though it requires plenty of technical work to set this up, a new video was published to show how an app called Easy Rates Converter managed to find its way onto Google Play, collecting sensitive data.
This phishing attempt was exposed by Lukas Stefanko, a security and malware researcher. In the video, he demonstrates the simple way that the app is able to steal data under the guise of a “currency conversion tool,” as TheNextWeb puts it. As the user logs in, the attackers have the ability to gain access to CommBank, Google Play, and Binance. Since so many consumers tend to use the same login details in multiple platforms, there could be an exponential number of accounts uncovered through these details. At the time of Stefanko’s video, there had been over 500 downloads, which is still fairly low for an app on Google Play.
Upon downloading, there is nothing immediately suspicious in the app. However, this is when the phishing malware is loaded as well, disguised as an update for Adobe Flash. Then, all that is left Is time. When the user opens the real applications for Binance and other cryptocurrency platforms, there is “fake activity” that requires the user to put their login credentials. That is when Easy Rates Converter takes action. It performs the same activity on the CommBank app.
Right now, according to TheNextWeb, the malware app has been removed from Google Play in its entirety, though no comment has been provided by Google yet. In the meantime, users that downloaded the app may want to check their accounts and secure them with new login details. The best choice is to stick with verified apps, rather than new programs, to prevent these kinds of issues going forward.