A new report by cybersecurity experts at Check Point Research has revealed a crypto wallet draining app that stole over $70,000 from users over five months.
The fake app was available on Google Play and tricked thousands into downloading it by posing as WalletConnect, a popular tool used to connect crypto wallets to decentralized apps (dApps).
Check Point Research’s September 26 report highlights this as the first known case of a mobile drainer app targeting the crypto community.
This fake app was downloaded by more than 10,000 people, helped by fake reviews and clever branding that pushed it up in search results.
The app was initially named “Mestox Calculator” when it launched on March 21, with its official URL leading to what appeared to be a legitimate calculator website, allowing it to bypass security checks in the Google Play review process. While the app’s name was changed several times, it remained on the store for months without being noticed due to the seemingly harmless URL.
Once installed, the app would send users to a system that ran malicious software called MS Drainer. This software asked users to connect their wallets, pretending to verify them. By doing so, users unknowingly gave the scammers permission to take the maximum amount of funds from their wallets.
Check Point Research commented:
This incident highlights the growing sophistication of cybercriminal tactics, particularly in the realm of decentralized finance, where users often rely on third-party tools and protocols to manage their digital assets. The malicious app did not rely on traditional attack vectors like permissions or keylogging. Instead, it used smart contracts and deep links to silently drain assets once users were tricked into using the app.
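The wallet permission described above can be checked before signing. The following is an added example, not code from Check Point Research or from the app, and it assumes the permission is a standard token approval (ERC-20 approve or increaseAllowance, or setApprovalForAll), which the article does not specify. The function name, verdict strings and sample address are hypothetical.

```python
MAX_UINT256 = 2**256 - 1
# 4-byte selectors of the standard approval functions.
APPROVE = "095ea7b3"               # ERC-20 approve(address,uint256)
INCREASE_ALLOWANCE = "39509351"    # increaseAllowance(address,uint256)
SET_APPROVAL_FOR_ALL = "a22cb465"  # ERC-721/1155 setApprovalForAll(address,bool)
APPROVALS = {APPROVE, INCREASE_ALLOWANCE, SET_APPROVAL_FOR_ALL}


def inspect_calldata(data_hex, allowlist=frozenset()):
    """Classify one transaction's input data; returns (verdict, spender)."""
    data = data_hex.lower()
    data = data[2:] if data.startswith("0x") else data
    selector, args = data[:8], data[8:]
    if selector not in APPROVALS:
        return ("not-an-approval", None)
    try:
        if len(args) < 128:
            raise ValueError("expected two 32-byte arguments")
        int(args[:64], 16)                 # validates the first word is hex
        value = int(args[64:128], 16)      # amount, or bool for setApprovalForAll
    except ValueError:
        return ("malformed", None)
    spender = "0x" + args[24:64]           # address is the low 20 bytes of word 0
    if value == 0:
        return ("revoke", spender)
    if selector != SET_APPROVAL_FOR_ALL and value != MAX_UINT256:
        return ("limited", spender)
    # Unlimited allowance or operator rights: safe only for spenders you trust.
    known = spender in {a.lower() for a in allowlist}
    return ("unlimited-allowlisted-spender" if known
            else "unlimited-unknown-spender", spender)


def _word(n):
    """Encode an integer as one 32-byte ABI word (hex)."""
    return format(n, "064x")


# Constructed sample inputs (placeholder address, not taken from the report).
SPENDER = "0x" + "ab" * 20
UNLIMITED_TX = "0x" + APPROVE + _word(int(SPENDER, 16)) + _word(MAX_UINT256)
LIMITED_TX = "0x" + APPROVE + _word(int(SPENDER, 16)) + _word(25_000_000)

if __name__ == "__main__":
    for tx in (UNLIMITED_TX, LIMITED_TX):
        print(inspect_calldata(tx))
```

A request that comes back as unlimited-unknown-spender during a supposed "verification" step is the pattern the report describes and should be rejected.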
Google has since removed the app from its store, but Check Point Research cautioned users to remain vigilant when downloading apps, even from well-established platforms like Google Play.
This case highlights the importance of staying informed in the crypto world. Even small actions, like connecting a wallet, can lead to huge financial losses if users are not careful.
In other news, hackers recently took over the OpenAI Newsroom X account, promoting a fake token scam disguised as an airdrop for ChatGPT users.
Gode is a Web3 Market Analyst who researches the most important industry events and interprets how they affect the wider Web3 space. Her formal education in media culture & digital rhetoric allows her to employ a methodical approach to evaluating critical Web3 news data, including large-scale events and the wider social sentiment within the ecosystem. Gode is a multilingual professional, having studied in multiple universities all across Europe. This gives her a one-of-a-kind opportunity to analyze Web3 social sentiments spanning different cultures and languages and, in turn, develop a much deeper understanding of how the Web3 space is growing within different communities. With the rest of her team, Gode works to identify crucial crypto news patterns and provide unbiased and data-driven information. Gode’s passions include working and communicating with people, and when she’s not researching Web3 news, she spends her time traveling and watching true crime documentaries.