Warning! Crypto-stealing app found on Google Play

-

A troubling app on Google Play was discovered stealing cryptocurrency from users, using clever tricks and mimicking trusted protocols.

Check Point Research revealed that this app managed to steal around $70,000 from over 150 victims.

How the app operated

The attackers used the Walletconnect protocol to make the app seem legitimate, manipulated Google search rankings, and avoided detection with encryption and obfuscation techniques.

CPR announced on Thursday that they uncovered this app, marking a first-of-its-kind moment as it is the first known case of a drainer targeting mobile users exclusively.

The app was active for nearly five months and used the trusted Walletconnect protocol to deceive users with fake branding and social engineering tactics.

Before it was removed from Google Play, it had tricked more than 150 users, leading to losses exceeding $70,000.

The attackers achieved over 10,000 downloads by manipulating search results and using fake reviews.

CPR also shared that advanced social engineering was key in convincing users to download the app and connect their cryptocurrency wallets.

Once users interacted with the app, they were prompted to sign harmful, fake transactions, allowing the attackers to silently drain their cryptos.

Security check my *ss

The report mentioned that not every user who downloaded the app was affected, because some didn’t complete the wallet connection, while others spotted suspicious activity and secured their assets before any harm.

Some users may not have fit the malware’s specific targeting criteria.

Further analysis by CPR showed that the app avoided detection through advanced obfuscation techniques and anti-analysis methods, even slipping past Google Play’s security checks.

The attackers used redirection and encryption tactics to hide their true motives.

This app relied heavily on external malicious scripts, making it harder to detect and allowing the attackers to stay hidden.

Be prepared!

This incident is a yet another example how cybercriminals are becoming increasingly sophisticated in their tactics, especially in DeFi where users often depend on third-party protocols to manage their assets.

As these threats grow,, and they definitely are, it becomes more important than ever for users to remain cautious when downloading app sor interacting with anything in the crypto sphere.

Have you read it yet? SHIB in trouble, gains are gone


Disclosure:This article does not contain investment advice or recommendations. Every investment and trading move involves risk, and readers should conduct their own research when making a decision.

Kriptoworld.com accepts no liability for any errors in the articles or for any financial loss resulting from incorrect information.

LATEST POSTS

Are XRPL memecoins facing SEC scrutiny?

The leading decentralized exchange on the XRPL, Magnetic X launched the Memepad, a dedicated platform for meme tokens. This new launch is giving users the...

Vitalik Buterin explains why the Ethereum Foundation sells ETH

The Ethereum Foundation, which supports the second-largest blockchain, has faced some scrutiny over its decision to sell rather than stake its ether holdings. So, what’s...

21 months, one Satoshi statue, and it’s already disappearing

A unique statue honoring Bitcoin’s mysterious founder, Satoshi Nakamoto, was unveiled over the weekend in Lugano, and it’s freaking cool! The creative mind behind the statue The...

Over 60% of young Indonesians are investing in crypto

New reports show that more than 60% of crypto investors in the country are aged between 18 and 30, what means an undeniable youth presence...

Most Popular

Guest posts