#1247029: Android Clipper found on Google Play - Video
The first Android Trojan Clipper – that exchanges cryptocurrency address in copied clipboard – was discovered on Google Play. Android Clipper targeted Bitcoin and Ethereum cryptocurrency addresses when being copied in to clipboard and replaced them with the attacker’s wallet address. Once this transaction is sent, it can not be canceled.
Figure 1. Replacing wallets in clipboard
In the video I explained what is Clipper and demonstrated its functionality including possible attack scenario.
Figure 2. How Android Clipper works
History of Android Clipper malware
August 7, 2018 – Discovered first Android Clipper outside of Google Play by Dr. Web
February 8, 2019 – Discovered first Android Clipper in Google Play by ESET
Package Name Hash
I test Android malware, so you don’t have to. Be Aware, Be Secure!
|Date added||Feb. 11, 2019, 3:10 p.m.|