WalletConnect has raised concerns among crypto users after a malicious app, which was previously listed on the Google Play Store, defrauded victims of over $70,000.
WalletConnect reported on September 29 that a counterfeit app had been removed from Google Play after it posed as a legitimate tool. Before its removal, the app had stolen more than $70,000 worth of cryptocurrency from unsuspecting users.
Malicious App Exploits Mobile Users
The issue first came to light on September 26, when Check Point Research (CPR) published a detailed report about the fraudulent app. According to CPR, the app mimicked a legitimate crypto tool and exploited the trust associated with the WalletConnect brand. It remained undetected on Google Play for over five months.
In that period, the fake app was downloaded over 10,000 times, but fortunately, many users did not connect their wallets to it, limiting the damage. The app also employed tactics to target users selectively based on their IP address location and device type. When specific conditions were met, users were redirected to a malicious backend using MS Drainer software.
Released under the name “Mestox Calculator” on March 21, 2024, the app underwent several name changes, eventually posing as a WalletConnect app. Despite these changes, its URL continued to point to what appeared to be a simple calculator website, allowing it to bypass Google’s review process.
CPR highlighted that the app’s publishers used social engineering techniques, including fake reviews and branding, to enhance its visibility and credibility, which led many to believe it was genuine.
WalletConnect Scam Affects Over 150 Users
Once downloaded, the app prompted users to connect their crypto wallets and grant permissions. The creators then used advanced draining techniques to execute fraudulent transactions. Users unknowingly approved these actions, resulting in the theft of their funds.
The WalletConnect Foundation is aware of a recent scam where bad actors developed a malicious app that exploited the WalletConnect name and was available on the Google Play Store. The app has been removed from Google Play Store. The Foundation reminds everyone that there is no…
— WalletConnect (@WalletConnect) September 29, 2024
CPR estimates that around 150 users were affected, collectively losing over $70,000 in cryptocurrency. In response, WalletConnect has reminded users that there is no official WalletConnect app and has urged the community to remain cautious to avoid falling victim to similar scams in the future.
Make money without lifting your fingers: Start using a world-class auto trading solution.
LonghornFX, your trusted Partner in CFDs, Cryptocurrencies and Stocks.
- Broker
- Min Deposit
- Score
- Visit Broker
- Award-winning Cryptocurrency trading platform
- $100 minimum deposit,
- FCA & Cysec regulated
- 20% welcome bonus of upto $10,000
- Minimum deposit $100
- Verify your account before the bonus is credited
- Over 100 different financial products
- Invest from as little as $10
- Same-day withdrawal is possible
- Fund Moneta Markets account with a minimum of $250
- Opt in using the form to claim your 50% deposit bonus
Learn to Trade
Never Miss A Trade Again
Signal Notification
Real-time signal notifications whenever a signal is opened, closes or Updated
Get Alerts
Immediate alerts to your email and mobile phone.
Entry Price Levels
Entry price level for every signal Just choose one of our Top Brokers in the list above to get all this free.