Two credential stealing apps exposed on the Google Play store were found masquerading as the genuine Poloniex mobile app.


Unlike the Apple App Store, the Google Play store does not review the applications to determine whether the they are legitimate or not.

Poloniex is one of the world’s largest cryptocurrency exchanges and features over 100 cryptocurrencies available to trade.

These statistics make Poloniex a sought-after target for fraud.

With all the publicity building around cryptocurrency, cybercriminals are attempting to clutch whatever new chance they can.

The fake apps as discovered on Google Play along with reviews.

So what can you do to protect yourself?

If you use Poloniex and have downloaded any of these malicious apps, start by deleting them.

  • Make sure to change both your Poloniex and Gmail passwords.
  • Consider enabling 2-factor-authentication for both Poloniex and Gmail.
  • Make sure the service you’re using really offers a mobile app. The application should be accompanied on the company’s official website.
  • Read the application reviews and ratings.
  • Be careful of alerts and windows giving the impression to be associated with Google.
  • Exploiting users’ trust to Google is a common trait among cybercriminals.
  • Consider enabling 2-factor-authentication for an extra layer of security.

Leave a Reply