A fake MetaMask app is the first instance of this type of cryptocurrency-stealer appearing outside of shady third-party app stores. The app has since been removed, but anyone who had already downloaded it remains affected. Once downloaded, the app prompts users to access their wallet using their seed phrase (a list of words which store all the information needed to recover a Bitcoin wallet) and a Private Key. In this case, the malware replaces any cryptocurrency wallet addresses copied into the Android clipboard with addresses that belong to the attacker.
Source: https://threatpost.com/clipper-malware-google-play/141669/