in

Double check address before sending BTC

I like to think of myself as a power user and have been in the space since 2014. I always held most of my Bitcoin on a hardware wallet and only kept tiny amount of sats on my phone wallet. Last night something happened which made me come here and make a post so that you guys don’t fall for it as well.

I’ve always been an Android user and most attractive thing about Android for me was the ability to sideload apps. I had all kinds of sideloaded apps on my phone like VPN, livestreams, IPTV, Spotify, Camera apps and never had an issue before. I used one app named Mobdro for years for livestreams and such and it worked as expected, but a couple of weeks ago I got an update notification from this app and I clicked “Update” without thinking much about it. Last night I sent $35 worth of BTC to a friend and saw that the address this BTC was being sent to was not my friends address but it was too late since the TX was already in mempool. I quickly realized that my phone has been compromised and I had to factory reset it.

Turns out the Mobdro app developer was [arrested last week](https://troypoint.com/mobdro-developer-arrested/) and somehow someone got access to their app resources and pushed an update containing malware which would detect a Bitcoin address copied in the clipboard and replaces it with one of the attackers address. So long story short, I ended up losing $35 of BTC to a stupid malicious app.

TL;DR

* Always check the wallet address before sending your BTC
* Don’t sideload/install unknown/malicious apps and give them full admin access to your phone/tablet/desktop.
* Use a bloody hardware wallet.



View Reddit by BlockchaindotsupportView Source

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

GIPHY App Key not set. Please check settings

6 Comments

  1. > but it was too late since the TX was already in mempool

    its not too late at this point. the latest electrum wallet lets you double spend, you can make a second transaction sending the entire wallet balance to yourself and thus null the $35 transaction before it goes through.

Loading…

0

What do you think?

Citi plans to launch crypto trading services after a boom in client interest in digital currencies, report says

Ethereum ETH ETHUSD

VanEck Files For Ethereum ETF As ETH’s Price Staggers