According to a report by Check Point Research, a cryptocurrency wallet draining app masquerading as WalletConnect stole more than $70,000 from unsuspecting users on the Google Play Store. The malicious app used “sophisticated evasion techniques” to evade detection for more than five months and tricked more than 150 users into linking their wallets.
The fake app, originally called “Mestox Calculator,” first appeared in March and underwent several name changes to avoid detection. By using a harmless calculator front, the app passed Google Play’s security checks. However, once installed, users are redirected to the backend and their cryptocurrency wallets are compromised.
sauce: ×
The app tricked users by asking them to connect to their wallet and approve permissions, allowing attackers to steal funds. Not everyone was affected, only those who connected to the wallet or met the malware’s specific targeting criteria.
According to a report by Check Point Research, the app was removed from the store after being downloaded more than 10,000 times. This is the first time the Drainer app has targeted only mobile users, making it a major security concern for crypto holders.
This incident highlights the growing threat of mobile-targeted fraud in the cryptocurrency space. Users should always exercise caution and check the authenticity of apps, especially when connecting their wallets to unknown platforms.
Also read: Scammers burn Solana tokens from inside users’ wallets within seconds of purchase
