Security researchers have discovered two fake apps of popular cryptocurrency exchange Poloniex on Google play store acting as legitimate Poloniex apps.
Security researchers have discovered two fake apps of popular cryptocurrency exchange Poloniex on Google play store acting as legitimate Poloniex apps.Researchers atESET discovered two fake apps of Poloniex which not only try steal login credentials and but also try to gain access to user’s Gmail account.The first fake app named ‘Poloniex’ published under the developer name ‘Poloniex’ was seen in between August 28, 2017, and September 19, 2017, in google play store and around 5000 users has downloaded it.The second fake app was seen in the name ‘Poloniex Exchange’ under the developer name ‘Poloniex Exchange’ was seen in Google play store on October 15, 2017, and has 500 downloads. ESET has notified both Google and Poloniex about the fake apps, and both the apps has been removed from the Play store now. The working of both apps are same that when the user launches the app, a screen shows requesting users to enter their Poloniex login credentials which are directly sent to hackers. 
In case If the user has not enabled two-factor authentication on their account which gives hacker full access to that account and can make any transaction or change any settings or even change the password. If the user has enabled two-factor authentication on their account, they are safe from the attack because Poloniex uses Google authenticator for 2FA which cannot be accessed by attackers. After logging in, the next step is to try gain access to user’s Gmail account. Attacker Request users to sign in with their Gmail account saying it as two-step security check.
If the user enters their credentials and clicks sign in, the app asks for permission to view email messages, settings and basic profile info. These permissions can grant access to your inbox.By gaining access to both Poloniex and Gmail account the hacker can make any unauthorized transaction and erase any notification about the transaction and log in from the user’s inbox.
Then the app redirects users to the mobile version of the real Poloniex website in order to show the app is functional.If you have installed Poloniex app on your device, you are advised to uninstall the app and change the password of both Poloniex, Gmail accounts and enables two-factor authentications for both.
About the Author
[/lgc_column][lgc_column grid="85" tablet_grid="75" mobile_grid="75" last="true" style="background-color: #dcdcdc;"]Ashique is a self motivated and passionate security analyst with a good knowledge in computer networking, security analysis, vulnerability assessment and penetration testing. [/lgc_column]