Crypto Wallet Drainer App Identified on Google Play Store, Report Suggests $70,000 Stolen

Crypto scammers have significantly increased the efficiency of their global cyber attacks, according to recent warnings from the FBI.


The fake app replicating WalletConnect was published on Google Play Store on March 21, 2024

Highlights
  • The app was available on Play Store for five months, the report says
  • The fake app was created using the platform median.co
  • The details about the publishers of this app remain undisclosed

A report by Check Point Research (CPR) uncovered a crypto wallet draining app on the Google Play Store, masquerading as the popular WalletConnect app. CPR found that the app used "advanced evasion techniques" to steal $70,000 (roughly Rs. 58.6 lakh) over five months from unsuspecting users. The malicious app, named "MS Drainer" after an analysis of its JavaScript code, is part of a growing trend of increasingly sophisticated crypto scams. Recent FBI reports also warn that cybercriminals have become more efficient in executing global attacks.

“Check Point Research (CPR) uncovered a malicious app on Google Play Store designed to steal cryptocurrency, marking the first time a drainer has targeted mobile device users exclusively. To pose as a legitimate tool for Web3 apps, the attackers exploited the trusted name of the WalletConnect protocol, which connects crypto wallets to decentralised apps,” the report said.

The crypto wallet app, which has now been removed, amassed over 10,000 downloads. It appeared at the top of Google Play Store search results for ‘WalletConnect’, owing to multiple reviews that the CPR report flagged as ‘fake’.

What is WalletConnect

WalletConnect is an open-source protocol that connects decentralised apps (dApps) with crypto wallets through QR codes, allowing users to interact with blockchain-based apps without exposing their private keys.

According to Check Point Research (CPR), a fake app mimicking WalletConnect's appearance and functions was created using the web service Median.co. The app, initially named "Mestox Calculator," was published on the Google Play Store on March 21, 2024, with its name changed several times since then.

“An inexperienced user might conclude that it is a separate wallet application that needs to be downloaded and installed. Attackers hijack the confusion, hoping that users will search for a WalletConnect app in the application store,” the report noted.

The X handle of WalletConnect acknowledged the development in a note to its followers.

How Did WalletConnect's Malicious Dupe Work

Upon download, the fake app quickly prompted users to connect their crypto wallets. When users clicked the wallet buttons, they were redirected to a malicious website via a deep link. Under the pretext of verifying their wallets, the website asked users to approve multiple transactions in succession; in doing so, they unknowingly authorised fraudulent activity.

“We assume that users install this malicious app to connect their wallet to Web3 applications that do not support direct connections to wallets like MetaMask, Binance Wallet, or Trust Wallet, but only use the WalletConnect protocol. They likely expect the downloaded WalletConnect app to function as a sort of proxy. Therefore, the connection request does not appear suspicious,” the report explained.

The CPR, in its report, said incidents like these highlight the advanced nature of the techniques being used to target the crypto sector, which is presently valued at $2.27 trillion (roughly Rs. 1,90,20,364 crore). The website has strongly suggested users remain vigilant and wary of the applications they download, even when they appear legitimate.

Back in 2023, a Sophos report stated that crypto scammers have been fishing for victims on Android systems using AI tools. Crypto fraudsters were also found to be exploiting advertisements on Google Search to promote scam websites.


Radhika Parashar
Radhika Parashar is a senior correspondent for Gadgets 360. She has been reporting on tech and telecom for the last three years now and will be focussing on writing about all things crypto. Besides this, she is a major sitcom nerd and often replies in Chandler Bing and Michael Scott references. For tips or queries you could reach out to her at RadhikaP@ndtv.com.
© Copyright Red Pixels Ventures Limited 2024. All rights reserved.