TrustWallet

How Android malware steals recovery phrase from Trust Wallet without user interaction

Android malware automatically steals recovery phrase from Trust Crypto Wallet and restricts access to victims smartphone by blocking all the actions such as removing it and protecting its cryptocurrency fonds.
This malware can steal recover phrase only from Trust Crypto Wallet however, this malicious functionality can be implemented and performed against any cryptocurrency wallet or exchange, if the seed/recovery phrase is not protected by user’s or system PIN/password or two factor authentication (2FA).

This is possible because the malware misuses Accessibility services to make clicks in context of other apps.

The malware was tested on Android 10 and it can be removed either from Safe Mode or via ADB.

To my knowledge, this malware was discovered by @alberto__segura (https://twitter.com/alberto__segura/status/1448170494210068486)

Follow: https://twitter.com/LukasStefanko

Source

Related Articles

34 Comments

  1. Prevention tip:
    Developers could add another security layers that would – before seeing/coping recovery phrase – request either user’s or device lock screen passcode or fingerprint to continue. It’s similarly implemented in Chrome for Android when user wants to see stored passwords. This would prevent malware automatically reading what is displayed on the screen.

  2. Can’t just stop recommending him enough for his tireless effort and his tremendous job done by this people,truly the best.

  3. ☝️really ☝️appreciate the help you’re giving to the society keep up the good work sir☝️

  4. YOUR ACT OF KINDNESS AND SERVICE SHOW HOW BIG OF HEART YOU HAVE FOR OTHERS.THANKS.. .

  5. ☝️I really appreciate his service he’s a professional in the field

  6. When I say thank you 😊 I mean it deep from my head sir for helping me archive so much in my life you’re there from the start ,a heartfelt thank you sir ☝️☝️

  7. 👆👆👆
    The above name
    Thank you for recovering my account
    ❤❤

  8. Kindly reach out to the professional mentioned above for your lost phrase recovery ..he’s the best recovery skills on YouTube,

  9. Bhai. App yek ethical hacking ka class starts karea please. Me seakh na cahata hu bhai please

  10. *I have ☝️☝️☝️never seen an employee so dedicated, hard working and yet still tenacious at same time you’re an inspiration all of us* ..

  11. To be candid, I haven’t find a honest person like james he recover my 12 world back right now I don’t regret meeting him*

  12. To be candid, I haven’t find a honest person like james he recover my 12 world back right now I don’t regret meeting him’

  13. Its amazing i gave him a leap of faith and he delived a perfect services.,

  14. 👆👆I just gain access back to my wallet. I can’t explain my joy. Thanks to him👆👆

  15. 👆👆 you are really the best thank you so much for recovering my hacked wallet account.

  16. Omg I just gain access 🔝 to my wallet, I can’t explain my joy now. Thanks for your help sir

  17. I literally dnt talk about my private life out here but im here to give credit to him for helping me retrieve my trust wallet back completely within 45mins.

  18. Life is all about keep trying Never give up in anything,matter the situation you fine yourself,I lost all hope to recover my trust wallet back but today now I got it back permanently with my coin inside it

  19. He’s the best👆👆👆.. I think I’m going crazy right now my wallet has just been recovered.

  20. Its amazing I gave him a leap of faith and he delivered a perfect services. I got access to my 12 world phrase:

  21. is safe to root phone, my phone is samsung A50 and some people say me, to i can lost files or brick system, can you help me please, i wanna hacking on phone…

  22. I reached out to him,after I seeing a lot of recommendations about him,so impressed, He worth more than the type, He recovery it back successfully