Cybercriminals have once again targeted cryptocurrency holders. Researchers from Check Point Research discovered the existence of a malicious app called “WalletConnect” that operated unnoticed on the Google Play store for nearly five months, robbing users of digital assets. Experts warn that in Poland, every fifth cryptocurrency holder may have fallen victim to similar scams.
The app which impersonated a Web3 wallet handling tool fooled over 10,000 people, stealing $70,000 worth of cryptocurrencies. The use of social engineering techniques and fake positive reviews helped the hackers win the trust of users and hide the real intentions of the app – explains the Check Point Research experts behind the discovery.
The criminals exploited the complexities of the legal WalletConnect protocol by using its name to deceive Google Play store users. Additionally, its authors cleverly manipulated search rankings, concealing the malicious nature of the program. The app was first released on Google Play in March 2024 and remained undetected for the following five months. According to security analysts, it was the first case where a cryptocurrency drainer exclusively targeted mobile device users.
“This is an incident that should awaken the entire community dealing with digital assets, as the emergence of the first mobile crypto drainer app on Google Play marks a significant escalation in the tactics used by cybercriminals and a rapidly changing threat landscape in decentralized finance” – notes Alexander Chailytko, Head of Cybersecurity and Innovation at Check Point Software
Attacks like this are becoming increasingly common. In the first half of 2024 alone, cryptocurrency scammers worldwide stole a total of $314 million. This represents a 6.4% increase compared to the previous year, confirming that cybercrime in the world of cryptocurrencies is growing at a dizzying rate.
Polish Users Also at Risk
In Poland, cryptocurrencies are growing in popularity. Statistics show that more and more Poles are investing in digital assets, including Bitcoin, Ethereum, and other altcoins. As many as 12% of working-age Poles claim to own cryptocurrencies. At the same time, one in five cryptocurrency owners says they fell victim to fraud – according to a study by the Polish Economic Institute.
Cybersecurity experts recommend updating software and using advanced security measures, as well as exercising extreme caution, to protect cryptocurrency wallets from threats as much as possible.
Source: https://managerplus.pl/aplikacja-walletconnect-z-google-play-przez-5-miesiecy-okradala-uzytkownikow-z-kryptowalut-15020