Malicious WalletConnect App Steals $70,000 from Crypto Users
A malicious app, WalletConnect, has been exploiting cryptocurrency users. It accrued over 10,000 downloads and stole around $70,000 before being detected and removed from the Google Play Store.
The app, designed to mimic the legitimate WalletConnect protocol, went undetected for five months. It stole cryptocurrency by redirecting users to a malicious website after they connected their wallets. The malware was sophisticated, using techniques to avoid detection by both automated systems and manual searches. It targeted more expensive crypto tokens first, across all relevant blockchain networks.
The developers flooded the app's page with fake positive reviews to mask negative ones, misleading potential victims. Only 20 users who lost money left negative reviews, suggesting many victims may still be unaware. Security researchers have found similar crypto drainer malware targeting mobile users exclusively.
WalletConnect, the malicious app, has been removed from the Google Play Store. It stole over $70,000 in cryptocurrency from unsuspecting users. While the developer remains unidentified, the discovery of such malware serves as a reminder for users to be cautious when downloading apps from the app store and connecting their wallets.
Read also:
- Regensburg Customs Crackdown Nets 40+ Violations in Hotel Industry
- Mural at blast site in CDMX commemorates Alicia Matías, sacrificing life for granddaughter's safety
- Sanae Takaichi Set to Make History as Japan's First Female PM, Bringing Controversial Views
- Brazilian Man Arrested for Alleged Role in FBI InfraGard Leak
