Security researchers from Check Point Research have uncovered a fraudulent app in the Google Play store that deceived over 150 users, resulting in a loss of $70,000.
What We Know
The app, named WalletConnect, bore a name and logo similar to the legitimate WalletConnect protocol, which misled users. After installing the app, users connected their cryptocurrency wallets, believing it was secure. However, the app redirected them to a malicious website, where attackers gained access to their wallets and transferred their cryptocurrency.
Despite being downloaded more than 10,000 times, only 20 victims left negative reviews, allowing the scammers to conceal their actions behind a wall of fake positive feedback. The app was available on Google Play for five months before Google took it down. Users who installed the app are urged to uninstall it immediately.
