Kasperksy and ESET antivirus researchers have discovered two apps on Google Play which pose as apps of cryptocurrency exchange Poloniex, and steal the login information. The apps have reported to have been downloaded 5,000 times so far. The fake apps then use the credentials and access to user email to steal funds from the Poloniex accounts of the infected users.
This trend is disturbing as Internet users are being targeted due to the lure of Bitcoin. The news of the fake apps comes amidst warnings that a Bitcoin virus CryptoShuffler has resurfaced, with over $14,000 reportedly stolen. May 2017’s WannaCry attack, and the BadRabbit attack which affected key outfits in Russia and Ukraine are examples of how businesses are held to ransom by malware which demand payouts in Bitcoins.
Security researchers recommend that users enable two-factor authentication as a measure against attempts by current or future hackers."