Fake Wallet App Downloaded 10,000 Times on Google Play, Steals $70K in Crypto
Ruholamin Haqshanas is a contributing crypto writer for CryptoNews. He is a crypto and finance journalist with over four years of experience. Ruholamin has been featured in several high-profile crypto...
A fraudulent cryptocurrency wallet app on Google Play has reportedly stolen $70,000 from users in a sophisticated scam that has been described as a world-first for targeting mobile users exclusively.
The malicious app, named WalletConnect, mimicked the reputable WalletConnect protocol but was, in fact, a sophisticated scheme to drain crypto wallets.
The deceptive app managed to deceive over 10,000 users into downloading it, according to Check Point Research (CPR), the cybersecurity firm that uncovered the scam.
The scammers behind the app were well aware of the typical challenges faced by web3 users, such as compatibility issues and the lack of widespread support for WalletConnect across different wallets.
They cleverly marketed the fraudulent app as a solution to these problems, taking advantage of the absence of an official WalletConnect app on the Play Store.
Coupled with a slew of fake positive reviews, the app appeared legitimate to unsuspecting users.
While the app was downloaded over 10,000 times, CPR’s investigation identified transactions linked to more than 150 crypto wallets, indicating the number of individuals who actually fell victim to the scam.
Once installed, the app prompted users to link their wallets, claiming to offer secure and seamless access to web3 applications.
However, as users authorized transactions, they were redirected to a malicious website that harvested their wallet details, including the blockchain network and known addresses.
Exploiting the mechanics of smart contracts, the attackers were able
Read more on cryptonews.com
