Beware: Fake WalletConnect App Scams Users of $70,000
- Over 150 victims lost $70,000 to a fraudulent WalletConnect app on Google Play Store.
- The app tricked users into linking crypto wallets, enabling attackers to drain funds.
- Check Point Research uncovered the scam, leading to the app's removal after five months.
Crypto Scam Alert: 150 Victims Targeted by Fraudulent WalletConnect
A fraudulent app, "WalletConnect," listed on the Google Play Store, scammed over 150 victims out of $70,000. Disguised as a legitimate crypto wallet protocol, the app tricked users into linking their cryptocurrency wallets, allowing attackers to steal funds. It was active for five months before Google removed it.
Fake Crypto Wallet Scammed Over 150 Victims - What's the News
A crypto wallet scam, recently uncovered by Check Point Research (CPR), targeted web3 users via a fraudulent app named "WalletConnect." This app, listed in the Google Play Store, was cleverly designed to mimic the legitimate open-source protocol WalletConnect. The app’s title and logo were almost identical to the real protocol, fooling users into thinking it was trustworthy.
The fake app exploited users’ trust by marketing itself as a solution to issues found in the actual WalletConnect protocol, such as lack of universal support among widely-used crypto wallets. With over 10,000 installs, the scam successfully defrauded 150 victims, collectively stealing $70,000. The app's misleading appearance and its promise of secure access to web3 applications made it easy for attackers to lure unsuspecting users.
How the Crypto Scam Takes Place
Once a user installed the app, they were prompted to link their crypto wallets, believing the app was genuine. The app then asked users to choose a new crypto wallet that supposedly supported the WalletConnect protocol. From there, the victims were directed to authorize transactions, only to be taken to a malicious website controlled by the attackers.
The website gathered sensitive information about the users' wallets, including private keys and transaction data. Using smart contracts, the scammers transferred valuable cryptocurrency from the victims' wallets to their own accounts, even prioritizing higher-value assets. This type of attack, known as a "crypto drainer," allowed the criminals to discreetly drain the victims' funds, making it one of the first times mobile device users were exclusively targeted by such a method.
MeasuresTaken Against the Crypto Scam
Although the scam affected over 150 users, only 20 victims reported the fraud through negative reviews on the Google Play Store. The scammers countered by posting fake positive reviews, allowing the app to maintain a high rating and stay active for five months before being detected and removed by Google.
Check Point Research played a crucial role in identifying the scam and alerting the public. Google has since taken down the fraudulent app, but by then, the attackers had already made off with $70,000 worth of cryptocurrency. Users who installed the app have been advised to uninstall it immediately and check their wallets for unauthorized transactions.
It’s not always about scam that defraud the investors but also the scams that mislead the enthusiasts and brings down their trust from such investments. Recently Hamster Kombat Airdrop disappointed many investors with its Airdrop criteria and allocation
Read More: $HMSTR Perpetual Futures Trading on Coinbase Amid Price Slump
