WalletConnect Scam: A Case Study in Crypto Drainer Tactics

An investigation uncovered a malicious app on Google Play targeting mobile users to steal cryptocurrency. The app, posing as a legitimate WalletConnect tool, used advanced evasion techniques to avoid detection for nearly five months. It achieved over 10,000 downloads through fake reviews and branding. The attackers used social engineering and a modern crypto drainer toolkit, stealing approximately $70,000 from over 150 victims. The malware, identified as MS Drainer, supports multiple blockchains and employs sophisticated methods to drain user wallets. This case highlights the growing sophistication of cybercriminal tactics in decentralized finance, emphasizing the need for vigilance among users and improved security measures in app stores.

Author: AlienVault

Related Tags:
T1585.001
T1204.003
T1102.002
mobile malware
T1534
T1059.007
T1608.001
T1056.004
T1204.001

Associated Indicators:
42330CCAAACEA8A18794C7E9FAD100DE31EA415BFF7821E407B9AC70EF690032
BF557E975733C113ACC38DAA18CA1849A1022B4C30B118899F68210CD3C7F990
web3protocol.online
cakeserver.online
mestoxcalculator.com