Security experts found another malicious app on Google Play.
The "clipper" malware was disguised as a legitimate cryptocurrency app, but it stole cryptocurrency from users who downloaded it. The app took their credentials and keys, and redirected cryptocurrency deposits to the cyberthieves.
If it sounds familiar, that's because cybercriminals have used Google Play before to spread malware. It's become a thing -- a bad thing.
ESET, an IT security company, discovered the latest app scam. The malware impersonates a service known as MetaMask.
"This attack targets user who want to use the mobile version of the MetaMask service, which is designed to run Ethereum decentralized apps in a browser, without having to run a full Ethereum node," the researchers said.
However, Cyware reported, MetaMask does not offer a mobile app. The attackers impersonated MetaMask to target its userbase.
It was not the first time. Last year, Symantec discovered 38 malicious applications in Google Play.
Some apps claimed to be games or education programs. By the time cybersecurity teams detected them, the apps had been downloaded on at least 10,000 devices.
ESET informed Google about the latest cryptocurrency malware, and Google promptly removed it from its store. The company says it is "committed to protecting" its users.
Meanwhile, according to reports, clipper malware has become "the go-to" method for cybercriminals to steal cryptocurrencies.