WalletConnect has warned crypto users about a fake app previously available on the Google Play Store.
In a September 29 post on X, the organization behind the open source protocol that enables secure connections between crypto wallets and decentralized applications (dApps) said the offending app has been removed from Google Play, but not before more than $70,000 was stolen. crypto value of unsuspecting users.
Malicious applications targeting mobile users
The issue first came to light on September 26 when cybersecurity team Check Point Research (CPR) published an extensive report on it. In its filing, CPR claimed the fake app had posed as a legitimate cryptography tool, leveraging the trust of the WalletConnect name and going unnoticed on the Google Play Store for at least five months.
People allegedly downloaded the app more than 10,000 times in that period, and more widespread damage was avoided because many of the downloaders didn’t actually connect their wallets to the app.
CPR also stated that other users may not have met the targeting criteria for the malicious app. According to the security firm, the app reacted differently depending on the location of the user’s IP address and whether they were using a mobile device.
Depending on the IP and device they were on, users would be redirected to the background of the app, which contained the MS Drainer software.
The offending app was made available on the Google Play Store on March 21, 2024 as “Mestox Calculator”. It then went through several changes before its final iteration as the WalletConnect app.
Interestingly, despite the name changes, the app’s URL still pointed to what appeared to be an innocuous website with a calculator. This technique reportedly allowed the app’s editors to pass Google’s review process, as any checks would simply load the calculator.
CPR also noted that the app used advanced social engineering tactics, such as fake reviews and branding, to increase its visibility in search results. This led many unwitting victims to believe it was legitimate.
150 people were victims of the scam
Once downloaded, the fake app guided users to connect their crypto wallets and grant various permissions, after which its creators used sophisticated draining techniques to trigger fraudulent transactions. Users unknowingly approved the transactions, allowing fraudsters to withdraw funds directly from their wallets.
According to the CPR report, about 150 users fell victim to the scam, losing more than $70,000 worth of cryptocurrency between them.
For its part, WalletConnect has reminded users that there is no official WalletConnect app and that they should remain vigilant against such scams, although it is working to prevent similar occurrences in the future.
SPECIAL OFFER (Sponsored) Binance Free $600 (Exclusive to CryptoPotato): Use this link to register a new account and receive an exclusive welcome offer of $600 to Binance (full details).
2024 LIMITED OFFER on BYDFi Exchange – Up to $2888 Welcome Reward, Use this link to register and open a 100 USDT-M position for free!