US based cryptocurrency exchange Poloniex.com (the largest exchange service in the world) seems to be having some security issues...
Poloniex users are being targeted by at least two fake Poloniex Android apps.
These apps, which appear legitimate at a glance, were available on Google Play Store and can not only steal the victims Poloniex credentials but also potentially their Gmail as well.
As of yet there is no official Poloniex mobile app, making easy targets of uninformed users.
The first app was called 'POLONIEX' published by developer: 'Poloniex'
The other app was called 'POLONOEX EXCHANGE' published by developer: 'POLONIEX COMPANY'
(Note: Both appear to have been removed from the Google Play Store)
They work by posing as officiall Poloniex apps, obviously, and asking the victim for their credentials to be entered on startup which if done are sent to the attacker giving them control of the account; assuming 2FA (two factor authentication) is not enabled, which would protect you.
Additionally, the malicious app(s) may at some point pose as, or otherwise ask for the Gmail login credentials to confirm a fake 2FA, which if given will give the attacker control of Gmail account as well.
If you feel you may have been victimized by such an attack uninstall the offending apps, change your passwords and enable 2FA if you have not done so already.
Stay safe out there!