Malicious Crypto Wallet Apps on Google Play Store: A Growing Threat
Android smartphone users in India are facing a significant phishing threat due to over 20 malicious apps on the Google Play Store. According to a recent report by Cyble Research and Intelligence Labs (CRIL), these apps are disguised as cryptocurrency wallets and are designed to steal sensitive user data, particularly wallet recovery phrases.
The Scam Explained
These fake cryptocurrency wallet apps, including names like SushiSwap, PancakeSwap, Raydium, Hyperliquid, and Suiet Wallet, mimic the design and functionality of legitimate crypto wallet applications. Once installed, they prompt users to enter their 12-word recovery phrase, which is then harvested by cybercriminals to gain access to the user’s DeFi wallet.
How Cybercriminals Are Spreading These Malicious Apps
The malicious apps are being uploaded using developer accounts previously associated with gaming and video editing tools. These apps hide phishing URLs within their privacy policies, tricking users into entering sensitive information. The scam is particularly convincing due to the apps’ imitation of genuine crypto wallet applications.
Immediate Action Required
Users are advised to delete the following identified malicious apps immediately if installed on their devices:
- Suiet Wallet
- BullX Crypto
- SushiSwap
- Raydium
- Hyperliquid
- OpenOcean Exchange
- Pancake Swap
- Meteora Exchange
- Harvest Finance Blog
Protecting Yourself from Phishing Attacks
To stay safe, users should:
- Avoid downloading lesser-known crypto apps from unofficial sources.
- Never enter your 12-word recovery phrase in unfamiliar apps.
- Always verify the developer name and read reviews before installing any new app.
By taking these precautions and being aware of the potential threats, users can significantly reduce the risk of falling victim to these phishing attacks and protect their digital assets.
