A scam wallet app on Google Play stole over $70,000 in cryptocurrency through phishing. Despite a rise in crypto-related scams, losses from hacks and scams declined by 40% in Q3 2024, according to Immunefi.
A scam wallet app, posing as WalletConnect on the Google Play Store, successfully perpetrated a phishing scheme that netted over $70,000 in cryptocurrency until it was removed. For four months, the scam wallet app posed as WalletConnect, one of the most popular Web3 protocols for safe communication between cryptocurrency wallets and dApps.
The app lured victims into approving rogue transactions, thus giving cybercriminals unauthorized access to their finances. All in all, the app was downloaded 10,000 times, of which 150 fell for the scam, according to a report by Checkpoint Research.
The legitimate WalletConnect protocol is the foundation of secure user interaction between wallets and dApps, normally using QR codes or deep links without necessarily exposing the private keys to approve transactions.
Despite the fact that more and more users are becoming aware of crypto wallet security, cyber criminals still find more cunning ways to deceive users. Phishing attacks like this show threats continuously haunting the Web3 space.
The phishing incident is the tip of the iceberg when it comes to the rise of cryptocurrency fraud. Crypto-related scams have surged in 2023. Americans lost more than $5.6 billion, a spike of 45% over the previous year, the FBI said. Of all varieties, investment fraud came in at the top, with losses recorded at $3.9 billion in value.
Recently, figures have indicated that the trend of crypto-related losses is starting to recede. According to a report by Immunefi, hacks and scams fell 40% in Q3 2024, at US$413 million, from US$685 million in Q3 2023.