On Google Play, a fake WalletConnect app scammed $70,000 from crypto wallet owners

Security researchers from Check Point Research discovered a fraudulent app in the Google Play shop that defrauded more than 150 users of $70,000.

Here's What We Know

The app, called WalletConnect, had a name and logo similar to the legitimate WalletConnect protocol, which misled users. After installing the app, users linked their cryptocurrency wallets thinking it was safe. However, the app redirected them to a malicious website where attackers accessed their wallets and transferred cryptocurrency to their accounts.

Despite the app being installed over 10,000 times, only 20 victims left negative reviews, allowing the scammers to hide their actions behind fake positive reviews. The app remained available on Google Play for five months before Google removed it. Users who have installed the app are advised to uninstall it immediately.

Source: Check Point Research