{"id":140585,"date":"2022-06-14T10:26:37","date_gmt":"2022-06-14T15:26:37","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2022\/06\/hackers-clone-coinbase-metamask-mobile-wallets-to-steal-your-crypto"},"modified":"2022-06-14T10:26:37","modified_gmt":"2022-06-14T15:26:37","slug":"hackers-clone-coinbase-metamask-mobile-wallets-to-steal-your-crypto","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2022\/06\/hackers-clone-coinbase-metamask-mobile-wallets-to-steal-your-crypto","title":{"rendered":"Hackers clone Coinbase, MetaMask mobile wallets to steal your crypto"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/hackers-clone-coinbase-metamask-mobile-wallets-to-steal-your-crypto2.jpg\"><\/a><\/p>\n<p>Security researchers have uncovered a large-scale malicious operation that uses trojanized mobile cryptocurrency wallet applications for Coinbase, MetaMask, TokenPocket, and imToken services.<\/p>\n<p>The malicious activity has been identified earlier this year in March. Researchers at Confiant named this activity cluster SeaFlower and describe it as \u201cthe most technically sophisticated threat targeting web3 users, right after the infamous Lazarus Group.\u201d<\/p>\n<p>In a recent report, <a href=\"http:\/\/blog.confiant.com\/how-seaflower-%E8%97%8F%E6%B5%B7%E8%8A%B1-installs-backdoors-in-ios-android-web3-wallets-to-steal-your-seed-phrase-d25f0ccdffce\" target=\"_blank\" rel=\"nofollow noopener\">Confiant notes<\/a> that the malicious cryptocurrency apps are identical to the real ones but they come with a backdoor that can steal the users\u2019 security phrase for accessing the digital assets.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Security researchers have uncovered a large-scale malicious operation that uses trojanized mobile cryptocurrency wallet applications for Coinbase, MetaMask, TokenPocket, and imToken services. The malicious activity has been identified earlier this year in March. Researchers at Confiant named this activity cluster SeaFlower and describe it as \u201cthe most technically sophisticated threat targeting web3 users, right after [\u2026]<\/p>\n","protected":false},"author":396,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1761,1492],"tags":[],"class_list":["post-140585","post","type-post","status-publish","format-standard","hentry","category-cryptocurrencies","category-security"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/140585","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/396"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=140585"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/140585\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=140585"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=140585"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=140585"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}