Hackers in Brazil have been using a fake Google Play Store to hijack phones for cryptocurrency mining and steal USDT.

PANews reported on March 22 that, according to Cryptopolitan, hackers in Brazil are spreading Android malware using fake Google Play app store pages. This malicious app appears legitimate, but once installed, it turns infected phones into cryptocurrency mining rigs. Furthermore, it's used to install banking malware and grant attackers remote access. The malware's capabilities extend far beyond mining. Some versions also install banking trojans targeting Binance and Trust Wallet, especially during USDT transfers. It overlays a fake page onto the legitimate app interface and then quietly replaces the wallet address with an attacker-controlled address.