Fake Wallet App Steals $70K in Crypto



Good day everyone,

I hope you are all having a good day. Welcome to CryptoGod-1's blog on all things crypto. In this post I will be looking at a malicious app which has managed to drain over $70,000 from crypto wallets.

 

 

WalletConnect

The app, known as WalletConnect, mimicked the reputable WalletConnect protocol and has reportedly stolen $70,000 from users. The fraudulent cryptocurrency wallet app, distributed through Google Play, is a sophisticated scam that has been described as a world-first for targeting mobile users exclusively. Over 10,000 users downloaded the app, only to find their crypto wallets drained.

The creators of this scam app were clearly sophisticated and clued-in to the typical challenges faced by web3 users, such as compatibility issues and the lack of widespread support for WalletConnect across different wallets. The scam app marketed itself as a solution to these common issues and took advantage of the absence of an official WalletConnect app on the Play Store. Backed by fake positive reviews, the app looked genuine and legitimate to everyday users and managed over 10,000 downloads.

Cybersecurity firm Check Point Research (CPR) discovered the fraudulent app, and its investigation found transactions linked to more than 150 crypto wallets. These victims of the scam had been instructed to link their wallets after installing the app, under the false pretence of secure and seamless access to web3 applications.

Once users authorised transactions, they were redirected to a malicious website that harvested their wallet details. By exploiting smart contracts, the hackers were then able to initiate unauthorised transfers and drain the unsuspecting victims' wallets.


 

Google removed the malicious app and highlighted its Google Protect feature following the CPR report. This incident follows similar attacks targeting mobile users, including a previous case where over 11 million Android users unknowingly downloaded apps infected with Necro malware. That resulted in unauthorised subscription charges and is one of many attempts by hackers to target mobile users. Another technique uses automated email replies to compromise systems and deliver stealthy crypto mining malware. One such malware, known as the "Cthulhu Stealer," affects macOS systems and disguises itself as legitimate software in order to target personal information. This includes MetaMask passwords, IP addresses, and cold wallet private keys.

Michael McLaughlin, a cybersecurity expert, stressed that users need to be cautious, stating:

 

“If you’re using a crypto trading platform—and it could be Coinbase, it could be Kraken, it could be any of those— they offer multi-factor authentication even on their mobile applications. And you have to implement them.”

 

 

Have a great day.

Peace. CryptoGod-1.

 
