Fake Android apps are not found only on shady, third-party app store. Sometimes, they manage to find their way for the Play Store. And if any of these apps have been installed, then your crypto wallet is at risk.
Fake wallet apps steal your crypto
Researchers at Cyble Research and Intelligence Labs (CRIL) have discovered 20 cryptocurrency fishing apps on Google Play Store. These apps motivate valid wallet apps such as suicide, pancakexwap, hyperlicid, and others to take only a fake login page and steal their menemonic phrases.
These mnemonic phrases, also called seeds or recovery phrases, when you make a new crypto wallet, is a randomly generated sequence of the words you get. You have to hide these phrases because they are essentially human-elevated backups of the private keys of your wallet.
If your device is lost or stolen, they can help you reach your wallet. But in the wrong hands, they can also empty your crypto account. Any person with access to your mnemonic phrase can access and control assets to your crypto account.
Crill report The following 20 apps mention:
|
App name |
Package name |
|---|---|
|
Pancake swap |
co.median.android.pkmxaj |
|
Needle wallet |
co.median.android.ljqjry |
|
Hyperbola |
co.median.android.jroylx |
|
Radium |
co.median.android.yakmje |
|
Hyperbola |
co.median.android.aaxblp |
|
Bullux crypto |
co.median.android.ozjwka |
|
Openosian exchange |
co.median.android.ozjkx |
|
Needle wallet |
co.median.android.mpeaaw |
|
Reverse exchange |
co.median.android.kbxqaj |
|
Radium |
co.median.android.epwzyq |
|
Sushaivap |
co.median.android.pkezyz |
|
Radium |
co.median.android.pkzylr |
|
Sushaivap |
co.median.android.borljb |
|
Hyperbola |
co.median.android.djerqq |
|
Needle wallet |
co.median.android.epeall |
|
Bullux crypto |
co.median.android.braqdy |
|
Harvest finance blog |
co.median.android.ljmeob |
|
Pancake swap |
co.median.android.djrdyk |
|
Hyperbola |
co.median.android.epbdbn |
|
Needle wallet |
co.median.android.noxmdz |
You will see that some apps are repeated in the list above. This is because many apps are applying the same app or sharing a name to pass as valid. You can tell them using your package names.
These apps are not using some technical wizardry to trick you. They are basically fishing websites that have been converted into Android apps using the mediation framework and distributed on the play stores using developer accounts that were originally offering a valid app. Some apps leave the framework and load the fishing website directly into the Android webview.
11 required tips I use to keep my Android phone safe
Take care and be safe.
Some of these developer accounts have more than 100,000 downloads. Researchers believe that these old developers eat which were compromised and now it is being used to distribute these phishing apps.
Once you see the phishing website, which applies a valid wallet, you are asked to enter your 12-word mnemonic phrase. As soon as you do this, you have handed over the key to your crypto wallet to the hackers.
Keep your wallet near, and keep your code closer
This campaign is another reminder that you should always check for app reviews and details before downloading, even if you are at the official app store for your platform. When working with the Crypto apps, check to ensure that you are downloading the app from the official developer, not from an impostor.
Connected
What to do if your crypto wallet gets hacked
Crypto wallets are not impenetrable to attack – they are a major goal. So, what do you do if your crypto wallet is hacked?
Keep in mind that legitimate crypto services will never ask for your mnemonic phrase until you try to recover your account manually. If you are asked for a mnemonic phrase during normal login, some are closed. In such cases, check the site URL immediately, and if it is anything but a valid site, it is time to close that tab immediately.
