First Case of Crypto-Jacking Clipper’ Malware Found on Google Play Store

First Case of Crypto-Jacking ‘Clipper’ Malware Found on Google Play Store


A new form of cryptocurrency-stealing malware

has been identified in the Google Play store. Dubbed ‘clipper’ malware, it was discovered inside an app impersonating MetaMask—a full browser extension which allows Ethereum-based apps to run on a browser without running a full Ethereum node. Clipper malware works by taking advantage of the copy-paste feature. Crypto apps are especially vulnerable because they require that users input long and complicated cryptocurrency addresses. The malware then monitors the clipboard of the infected system and identifies values that look like a wallet address. Once identified, the malware swaps the victim’s address for the hacker’s address. If the victim completes the transaction without noticing the change, the crypto gets deposited in the attacker’s account instead.

This malicious app was discovered by cybersecurity company Eset and is the first known app of its kind to pass Google’s vetting procedures. Malware and other software targeted at cryptocurrency users has become increasingly prevalent because of the ease of monetary gain via stealing crypto, especially when compared to other methods such as data ransom and identity fraud which tend to be more labor intensive

There has been much discussion about what has now been dubbed as ‘crypto-jacking’ which is coin mining that is done using the computing power of other people’s machines. This form of hacking hit mainstream media when it was discovered on popular torrent site The Pirate Bay, which was using a web browser miner called CoinHive.

Another crypto-jacking attack is performed via email, where a user is phished and malicious mining software is installed on the victim’s computer. However, this brings up a question of ethics, as there are some who have expressed that they would permit cryptocurrency mining in this manner, in exchange for web services such as The Pirate Bay, if they were notified about it. A study conducted in late 2017 showed just how quickly crypto-jacking

rose to prominence:

“Coin miners made up 24 percent of all web attacks blocked in December 2017, and 16 percent of web attacks blocked in the last three months of 2017, demonstrating the big impact of these browser-based coin miners,” the report from Symantec read.

Article Produced By
Darryn Pollock

Darryn is an award-winning journalist that began his career covering sports for a major national newspaper group in South Africa. Since then, he has married his interest in blockchain and cryptocurrency and looks to cover the emerging ecosystem as thoroughly as possible. He is particularly interested in the technical and economic impact of cryptocurrency.

Google’s Latest Plan to Sell Your Data Will Leave you FURIOUS

Google’s Latest Plan to Sell Your Data Will Leave you FURIOUS
Giving our behavioral data to companies with this grand a scope will likely never be completely safe, but this is beyond reproach. 


One of the most invasive and unnerving realizations

that we must face in our new technological age is the fact that we are very literally being mined by the products that we use.

There is a great deal of convenience in the internet.  We can use it to travel around our city on even the busiest of days with ease.  We can order any number of dishes from any number of restaurants.  Heck, we can even rent an electric scooter to ride around town, leaving it where we like when we’re finished. But, as the wise have always told us, nothing in this life is free.  Sure, we pay for these services, and we pay to have access to the internet, but that’s not nearly all of the value that is being taken from us by the corporations whom we trust online.

Story Continues

Google, Facebook, and others have long been selling our online behavioral data to advertisers, in order for those advertisers to then weaponize their work in the most effective ways.  Google is literally telling Dupont and these other enormous chemical companies, what time of day is best for them to run laundry detergent commercials in order to maximize their weaseling into our pockets. Worse still; this game is played at such a high level that only Holy Rollers need apply for a seat.  That means that you and I are simply pawns in the game. Has that stopped forward-facing companies like Google from continuing this habitual debauchery?  Of course not.


And it’s getting worse. 

MOST OF THE data collected by urban planners is messy, complex, and difficult to represent. It looks nothing like the smooth graphs and clean charts of city life in urban simulator games like “SimCity.” A new initiative from Sidewalk Labs, the city-building subsidiary of Google’s parent company Alphabet, has set out to change that.

The program, known as Replica, offers planning agencies the ability to model an entire city’s patterns of movement. Like “SimCity,” Replica’s “user-friendly” tool deploys statistical simulations to give a comprehensive view of how, when, and where people travel in urban areas. It’s an appealing prospect for planners making critical decisions about transportation and land use. In recent months, transportation authorities in Kansas City, Portland, and the Chicago area have signed up to glean its insights. The only catch: They’re not completely sure where the data is coming from.

This “appealing prospect” sounds a lot more like data harvesting for the sake of targeting us with more advertisements.

To make these measurements, the program gathers and de-identifies the location of cellphone users, which it obtains from unspecified third-party vendors. It then models this anonymized data in simulations — creating a synthetic population that faithfully replicates a city’s real-world patterns but that “obscures the real-world travel habits of individual people,” as Bowden told The Intercept.

The program comes at a time of growing unease with how tech companies use and share our personal data — and raises new questions about Google’s encroachment on the physical world.


Concerns over the use of this GPS data are obvious enough to understand, but a fun analogy awaits you anyway: Let’s say that Amazon puts a new Whole Foods store in your town, and Google isn’t happy about it for whatever reason.  Google has the power to reroute traffic to the area near that store to make it an unappealing commute.  Eventually, people will stop coming. Or, even crazier, if Google decided they didn’t want the location to even show up in their Maps app.  You could be literally lost, confused, and impaired while driving. Giving our behavioral data to companies with this grand a scope will likely never be completely safe, but this is beyond reproach.

Article Produced By
Andrew West

Andrew West is an Atlanta-based author who enjoys his pursuit of happiness to the fullest, whether it be craft beer, the great outdoors, or playing music.