Fake Crypto Wallet App on Google Play Store Steals $70,000 from Users in Sophisticated Scam

A fake crypto wallet app on the Google Play Store has reportedly stolen $70,000 from unsuspecting users. This app was downloaded around 10,000 times.

According to a recent report from Checkpoint Research (CPR), the malicious wallet was available for over five months before it was discovered. It pretended to be associated with WalletConnect, which actually doesn’t have its own app. This tricked many users.

CPR explains that WalletConnect can be confusing. Some users might think it’s a separate wallet app they need to download. Attackers took advantage of this confusion, leading people to search for WalletConnect in the Play Store.

When users searched for WalletConnect, they found the harmful app called ‘WalletConnect – Crypto Wallet’ right at the top of the list.

The report highlights that the creators of this scam used social engineering and clever tactics to execute their plan. They managed to deceive hundreds of victims.

CPR stated, “The attackers used a mix of social engineering, technical tricks, and user confusion to pull off a sophisticated operation. By using a trusted name like WalletConnect, they exploited the simplicity of certain apps. This allowed them to fool over 150 victims and collect a lot of cryptocurrency without raising immediate suspicion.”

Interestingly, this exploit was unique because it relied on smart contracts instead of traditional targets, like keyloggers. This makes the scam even more sophisticated.