Fake WalletConnect App siphons $70,000 from Google Play Users.
A malicious crypto wallet draining app, disguised as WalletConnect, managed to steal over $70,000 from users via the Google Play Store, according to a report from Check Point Research. This fake app cleverly employed “advanced evasion techniques” to remain undetected for over five months, tricking more than 150 users into linking their wallets.
Initially appearing as “Mestox Calculator” in March, the app underwent several name changes to avoid detection. It presented itself as a harmless calculator, allowing it to pass Google’s security checks. However, once installed, it redirected users to a backend system that drained connected crypto wallets.
The app tricked users into connecting their wallets and approving permissions, which gave attackers control to steal funds. Thankfully, only those who connected their wallets or matched specific criteria were affected. After being downloaded more than 10,000 times, the app has since been removed from the Play Store.
This is the first known instance of a crypto wallet drainer app targeting mobile users exclusively, underscoring the increasing threat of mobile-targeted scams in the crypto industry. It serves as a reminder for users to remain cautious and verify the legitimacy of apps before connecting their wallets to unknown platforms.