A new attack on the Google Play Store has resulted in the theft of $70,000 worth of cryptocurrency from more than 150 victims. The incident, revealed by Check Point Research (CPR), shows how the criminals used a fake app that pretended to be part of WalletConnect.
WalletConnect is a protocol that enables secure connections between crypto wallets and decentralized applications (DApps) and does not have an official app. However, attackers have released a malicious version called ‘WalletConnect – Airdrop Wallet’ on Google Play, which has been downloaded over 10,000 times.
$70,000 in cryptocurrencies stolen using fake app
The malware was available on the store for more than five months before it was identified. During that time, the attackers used social engineering and other methods to exploit the confusion of less experienced users.
These users believed they were downloading a legitimate tool. This attack once again demonstrates how cybercriminals take advantage of the lack of knowledge in the cryptocurrency space to carry out large-scale fraud.
Read more: 6 tips to protect your cryptocurrencies from hacks and theft
Aplicativo falso WalletConnect na Google Play Store. Fonte: Check Point Research
According to CPR, what makes this attack unique is the combination of social engineering and the use of smart contracts to transfer funds directly from victims’ wallets to their own.
“The fake WalletConnect app has already been removed from Google Play. However, it managed to victimize over 150 users, resulting in losses of over $70,000. Not all users who downloaded the scam were affected. Some did not complete the wallet connection, others recognized suspicious activity and protected their assets, and some may not have met the malware’s specific targeting criteria,” Check Point Research noted.
This type of scam is a red flag for the crypto community. The event highlights the importance of digital security and the need to always verify apps before downloading them.
Fake reviews of the malicious app. Source: Check Point Research
Case calls into question security in app stores
The fact that a malicious app was able to bypass Google Play's security controls for so long also calls into question the effectiveness of current security measures on download platforms.
However, this isn’t the first time something similar has happened. BeInCrypto reported in August on a lawsuit that claims Google hosted a fake cryptocurrency wallet available on its Play Store.
Read more: Solana vs. Ethereum: A Definitive Comparison
The plaintiff accused Google of negligence for allowing a malicious app into its store and asked for $5 million.
So, in 2021, the Electrum Wallet development team also warned about a similar occurrence. The developers reported the existence of a malicious app with a similar name on the Google Play platform.
In this sense, cryptocurrency users should be aware of fraudulent applications and never download tools without first verifying their legitimacy.
Thus, this case highlights the importance of staying informed about the tactics of criminals who seek to take advantage of confusion and ignorance in the cryptocurrency space.
The article Fake app steals $70,000 in cryptocurrencies on Google Play was first seen on BeInCrypto Brazil.