Malicious wallets on
Google Play steal seed phrases, draining funds. Immediate action urged.
Cyble
Research and Intelligence Labs (CRIL) has exposed a sophisticated scam: over 20 counterfeit crypto wallet
apps on the Google Play Store, designed to mimic
legitimate platforms like SushiSwap,
PancakeSwap, and Raydium. Once installed, these apps:
Trick users into entering 12-word seed recovery phrases.
Transmit credentials directly to hackers’ servers.
Enable full theft of cryptocurrency holdings.
Deceptive Listings: Apps uploaded under developer IDs previously used for benign tools (e.g.,
video editors).
Hidden Phishing Links: Malicious seed-collection forms
embedded in “Privacy Policy” pages.
Realistic Interfaces: Clone UIs of trusted DeFi platforms to
bypass suspicion.
High-Risk Apps: Uninstall IMMEDIATELY
|
App Name |
Mimics Legitimate Platform |
|
Suiet
Wallet |
Sui
Network wallet |
|
SushiSwap |
SushiSwap
DEX |
|
PancakeSwap |
PancakeSwap
DEX |
|
Raydium |
Raydium
DEX |
|
Hyperliquid |
Hyperliquid
Perps |
|
BullX
Crypto |
Unknown |
|
Meteora
Exchange |
Meteora
AMM |
|
OpenOcean
Exchange |
OpenOcean
Aggregator |
|
Harvest
Finance Blog |
Harvest
Finance |
|
+12 more undisclosed apps |
CRIL Alert:
"Installing these may lead to irreversible
loss of digital assets."
Protect Yourself: 3 Critical Steps
UNINSTALL all suspicious crypto wallets immediately.
NEVER ENTER seed phrases outside verified hardware/software wallets.
VERIFY DEVELOPERS: Check app history, ratings, and official links.
“These
apps weaponize trust in Google Play. Hackers repurpose old developer accounts
to appear legitimate. Always cross-check
wallet URLs with official project sites.”
Report suspicious apps to: report@cyble.com
Stay vigilant. Pulse Next
will update as CRIL releases new findings.
.webp)
.webp)
0 Comments