Published by Franziska on

The term fraud- or malware covers various applications. There are websites or apps that are counterfeits of well-known providers, or they are generally fake software or applications that keep a backdoor open for fraudsters.

Basically, users should be overcautious when it comes to which programs they install on their computers or smartphones.

One Example of such fraud software is the fake app of the real existing platform Poloniex (the platform Poloniex does not operate an app itself). In order to catch victims in a trap and get them to hand over their login data and password, the scammers imitate exchange apps such as Poloniex’s, taking over the developer’s name, app icon and user interface. With the help of fake ratings, a legitimate-looking app is offered in this way. Using the information from the login data collected in this way, the criminals then simply take over the victim’s account.

Similar phishing attempts also occur with wallet apps. This has become known, for example, for MyEtherWallet (which also does not operate an app itself). Here, however, the criminals are not looking for a password, but they are trying to discover the wallet’s private key and seed phrase. A “stolen” password that criminals have gained knowledge of can be reset with the help of the exchange’s support and the private user key stored there. The situation is different for wallet users because they hold the private key themselves. Once the attackers gained knowledge of it, the money is gone.

Criminals are very inventive when it comes to getting money. When users want to send coins, there are malware programs that (once installed) modify coin addresses when they are copied from the clipboard. The coins are then unknowingly sent to a different address, that of the hacker. In the vast majority of cases, the user does not see his coin again.

The fake-app looks genuine at first look.