Apps on Google Play and others could steal money and personal data from victims. App stores are hosting 661 blacklisted Bitcoin apps which leave users open to hackers, accoriding to a recently published report.
The top stores hosting these potentially dangerous apps were Google Play (272), ApkFiles (54) and 9Apps (52). RiskIQ's research showed almost 3 percent of apps with “Bitcoin exchange” in the title were blacklisted, as well as 2.6 percent using “Bitcoin wallet” and 2.2 percent listed as “cryptocurrency".
The rise in unofficial and potentially malicious apps across multiple app stores will alarm potential investors looking to buy into Bitcoins.
“We are seeing threat actors around the world exploiting what is already a hostile currency in a lawless digital world," he said.
He added that mobile apps are blacklisted for a variety of reasons, "from containing nuisance-ware such as unwanted ad servers to installing malicious code on the phone to harvest credentials or undertake other malicious activity."
He added that users can protect themselves by looking at the developer name - does it look legitimate? If unsure, research it before proceeding. They should also look at the permissions it is requesting. "Do these look reasonable for the tasks the app needs to perform?" He said. Users should also look at the number of downloads if available as well as the reviews.
"The fact that this situation persists also seems to imply that human checking of apps is not quite what it could be," he said.
“The threat posed by such malicious apps is not as serious as that presented by more malicious code but the potential increase in electricity costs, reduced computing performance and lessening of hardware life are all valid reasons for concern.
Ilia Kolochenko, CEO of High-Tech Bridge, told SC Media UK that Cryptocurrencies became a valuable asset that can often be easily sold or exchanged for other goods. "Providing a relatively high level of anonymity, they are a perfect target for cyber-criminals. Therefore, we should expect to have more fraudulent and malicious apps targeting the digital currency audience," he said.