Cybersecurity researchers have uncovered 20 malicious apps on the Google Play Store designed to steal cryptocurrency from unsuspecting users. These apps masqueraded as legitimate crypto wallets, including popular platforms like Hyperliquid, PancakeSwap, and Raydium.
The attackers employed phishing techniques, often compromising developer accounts or creating fake ones. They lured users into entering their crucial 12-word mnemonic phrases (recovery keys) on deceptive web-based interfaces, giving the attackers access to their real crypto wallets. This highlights the ongoing risk of phishing scams within the cryptocurrency ecosystem and the importance of verifying the legitimacy of crypto wallet applications. Users should exercise extreme caution when downloading and using crypto-related apps, verifying the developer’s credentials and double-checking website addresses.
