Crypto Scam App Evades Google Play Detection, Stealing Thousands from Users

According to cybersecurity company Check Point Research, a fraudulent software on the Google Play Store has resulted in the theft of over $70,000 from gullible cryptocurrency users. Under the pretext of WalletConnect, a reliable solution for connecting digital wallets to DeFi apps, the fraudulent program employed cunning strategies to stay hidden for over five months.

The app underwent repeated rebranding after its March introduction under the name “Mestox Calculator” in order to evade Google’s review process flagging it. With the use of phony reviews and constant promoting, it tricked over 10,000 individuals into downloading it. Over 150 victims had their wallets empty after connecting to the app, even if other users managed to escape falling for the fraud.

Unknowingly giving the app access to their wallets, those who lost assets made it easy for attackers to take as much money as they could. The thieves avoided using more popular techniques like keylogging or permissions by executing the robberies through the use of smart contracts and deep linkages.

Growing Sophistication in Crypto Scams

Check Point Research emphasized the increasing sophistication of these scams targeting crypto users. “This incident highlights the evolving nature of online attacks,” said a Check Point representative. The app’s ability to remain undetected for months despite its malicious intent underscores the need for stricter app screening on platforms like Google Play.

Although the app has been removed, this breach serves as a stark reminder for users to exercise caution when interacting with Web3 technologies. Even trusted names like WalletConnect can be used by attackers as a disguise for theft.