"Clipper" app replaced user's wallet address with addresses controlled by developers.
Dan Goodin - 2/9/2019
Google Play has been caught hosting yet another malicious app, this time one that was designed to steal cryptocurrency from unwitting end users, researchers said Friday.
The malware, which masqueraded as a legitimate cryptocurrency app, worked by replacing wallet addresses copied into the Android clipboard with one belonging to attackers, a researcher with Eset said in a blog post. As a result, people who intended to use the app to transfer digital coins into a wallet of their choosing would instead deposit the funds into a wallet belonging to the attackers.