Fake Mobile Poloniex Apps Are Capable of Draining User Balances

Mobile device users are often targeted by criminals in various manners. In particular, mobile users involved with cryptocurrency have seen some scary developments as of late. It turns out there are a couple fake Poloniex applications in the Google Play Store. That is a very worrisome development, to say the least. By collecting login credentials, criminals can effectively drain user accounts if customers don’t have 2FA set up.

Beware of Fake Poloniex Apps

It is disturbing to see criminals continuing to target the cryptocurrency community these days. There have been so many attempts to defraud users, it’s become almost impossible to keep track of them all.  One of the latest efforts by unknown criminals involves the distribution of malicious mobile cryptocurrency trading applications in the Google Play Store. Several of these malicious programs were identified by security firm ESET Ireland earlier this week.

ESET Ireland’s report paints an extremely worrisome picture, to say the very least. It seems criminals are mainly targeting users of the Poloniex exchange. Even though Poloniex has become less popular in recent months due to a string of server issues and account crediting delays, it seems there are still thousands of people relying on the company. This makes them a lucrative target for cybercriminals these days.

Two malicious Android applications have been identified, both of which aim to harvest Poloniex login credentials. Moreover, they also trick victims into giving up access to their Gmail accounts, allowing criminals to log in to their Poloniex accounts and sometimes even bypass 2FA protection. This is a very worrisome development, although no one should be surprised by it whatsoever.

Interestingly enough, both of the malicious apps use the Poloniex name and logo. Two apps are identified as “POLONIEX” and “POLONIEX EXCHANGE”, although neither was developed by the exchange team itself. Right now, Poloniex doesn’t have an official mobile application for any platform, but its API can be used to connect it with existing mobile trading applications. Anything on the Google Play Store with “POLONIEX” in its name should be avoided for the time being.

It does appear these apps have been removed in some parts of the world already, which is a good sign. However, both apps combined have been downloaded 5,500 times, which means a lot of accounts are at risk right now. The applications display a fake Poloniex login screen, which is used to harvest account details and send them back to the criminals. Anyone without two-factor authentication will see their accounts drained in short order.

Rest assured this is not the first nor the last time we will see malicious mobile applications related to cryptocurrency exchanges pop up. Poloniex is one of the bigger targets right now, but we will see other platforms deal with similar threats in the future. It is due time we all moved to decentralized exchanges rather than continue to rely on centralized platforms, which are points of failure. It will take a few more hard lessons before everyone realizes this change is inevitable.