The software, known as Bitcoin Collector, is advertised on a website that supposedly enables users to share a unique URL with their friends with payouts of 3 ether (ETH) (worth about $800 at press time) for every 1,000 people who click on it.
But according to a security researcher who goes by the nickname Frost on Twitter, the app is a front for attempts to steal login credentials and money.
At first, downloading the software launched ransomware that warned users all of their information had been encrypted “using the most cryptographic algorithms,” adding:
“No system administrator in the world can solve this problem without knowing the password.”
Recently, the scam evolved into a Trojan, potentially enabling fraudsters to steal crypto wallets, files and login details, take screenshots and review browsing history without the victim’s knowledge.
Malicious software that tries to dupe inexperienced crypto enthusiasts is relatively common in the crypto space, as Cointelegraph has reported. Last week, researchers found apps on the Google Play store that imitated the hardware wallet Trezor.