Avoid Fake Skype App That Steals Crypto
If you’re considering downloading a Skype app through Baidu, be cautious. According to SlowMist, a security firm, a fake Skype app is stealing users’ crypto. The app was downloaded from the internet rather than an app store by a Chinese individual, leading to the theft of their cryptocurrency.
Gang Uses Fake Chinese Binance App to Steal Crypto
The malicious code was injected into the application package (APK) file that the user downloaded. The gang behind this fake Skype app also created a similar fake Binance app last November using the same backend domain “bn-download3.com.” Since May 23, this domain has been associated with the fake Skype app.
The fake Skype app requested access to files and photo albums like a legitimate social media app. It monitored traffic for specific cryptocurrency strings and replaced crypto addresses with malicious ones.
192,856 TRX and 7,800 USDT were stolen and sent to malicious addresses. SlowMist has blacklisted these addresses and advises against downloading apps from unofficial sources.
Google Identified Data Leakage on Baidu
Google’s best practice guide for app developers in its Android platform advises against collecting device-specific data like MAC addresses. Last year, Google identified data leakage on Baidu Search Box and Baidu Maps, further highlighting the risks associated with apps downloaded from unofficial sources.
Hot Take: Protect Your Crypto from Fake Apps
Always download apps from official sources such as the Google Play Store or Apple App Store to avoid falling victim to fake apps that steal your cryptocurrency. Be cautious when granting permissions to apps and regularly check for any suspicious activities on your accounts.
By
By
By
By
By
By