Fake Crypto Wallet on Google Play Steals $70,000 in Digital Assets After Being Downloaded 10,000 Times: Report
A fake crypto wallet application on the Google Play Store has reportedly stolen tens of thousands of dollars worth of crypto assets from unsuspecting customers after seeing 10,000 downloads.
According to a new report from cybersecurity firm Checkpoint Research (CPR), a malicious wallet drainer on Google Play stole $70,000 worth of digital assets from users after being available in the store for over five months.
CPR says the malware disguised itself as an app associated with WalletConnect – which itself doesn’t have an app – to take advantage of confused users. WalletConnect is a protocol for web browsers and mobile phones that establishes connections between crypto wallets and decentralized applications (DApps).
Says CPR,
“Given all the complications with WalletConnect, an inexperienced user might conclude that it is a separate wallet application that needs to be downloaded and installed. Attackers hijack the confusion, hoping that users will search for a WalletConnect app in the application store.
However, when searching WalletConnect in Google Play, users find the malicious app ‘WalletConnect – Crypto Wallet’ at the top of the list.”
According to the CPR, the creators of the exploit used social engineering and other clever tactics to carry out and obfuscate their complicated crypto scheme, scamming hundreds of victims.
“The attackers leveraged a combination of social engineering, technical manipulation, and clever exploitation of user confusion to carry out a sophisticated crypto-draining operation.
By capitalizing on a well-known and trusted name like WalletConnect and exploiting the shortcomings of simple and undemanding applications, they were able to deceive over 150 victims and accumulate significant amounts of cryptocurrency without triggering immediate suspicion.”
The cybersecurity firm goes on to say that the exploit was unique in that it relied on smart contracts rather than attacking conventional targets, such as keyloggers.
Don't Miss a Beat – Subscribe to get email alerts delivered directly to your inboxCheck Price Action
Follow us on X , Facebook and Telegram
Surf The Daily Hodl Mix
Generated Image: DALLE3
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Bitget Trading Club Championship (Phase 5)—Grab a share of 80,000 BGB, up to 800 BGB per user!
Bitget Trading Club Championship (Phase 5)—Grab a share of 80,000 BGB, up to 800 BGB per user!
Announcement on Bitget listing TSLA, NVDA, CRCL RWA Index Perpetual futures
Onchain Challenge (Phase 15) — Trade and share 100,000 BGB in airdrops
Trending news
MoreCrypto prices
More
