Cybersecurity experts have warned of a threat to cryptocurrency users on Android devices, as a group of fake apps could steal their cryptocurrency by tricking them into entering sensitive information.
The Cyble cybersecurity team uncovered 20 fake apps impersonating popular digital wallets on the Google Play Store. These apps use names and logos similar to those of the original apps, making it difficult for the average user to distinguish them from the real ones.
The fake apps include well-known names like Pancake Swap and Suite, but are actually malicious apps that aim to steal the 12-word "passphrase," which gives hackers full access to users' wallets.
Users can verify the authenticity of apps by reviewing the developer name and app package. Fake apps use strange and unknown developer names, unlike authentic apps that reference trusted development teams.
This unique phrase is the only key to a cryptocurrency wallet. If it is stolen, the stolen funds cannot be recovered due to the irreversible nature of blockchain transactions (transfers or exchanges of data or digital assets recorded on the blockchain network, an immutable distributed database).
Investigations revealed that some of these apps were distributed via developer accounts previously used for legitimate apps, which were then hijacked by hackers, making the fake apps appear trustworthy and enabling them to spread easily.
Experts advise deleting these apps immediately and checking the number of downloads and ratings. Genuine apps are usually very popular and have thousands of downloads, unlike fake apps with few downloads.
Experts also stressed the need to be wary of suspicious download links and avoid downloading applications from unofficial sources.
Google has removed most of these apps after reports, but some are still available, so users should keep their devices updated and regularly check installed apps.
List of fake apps that should be deleted immediately:
Pancake Swap - Package: co.median.android.pkmxaj
Suite Wallet - Package: co.median.android.ljqjry
Hyperliquid - Package: co.median.android.jroylx
Raydium - Package: co.median.android.yakmje
Hyperliquid - Package: co.median.android.aaxblp
BullX Crypto - Package: co.median.android.ozjwka
OpenOcean Exchange - Package: co.median.android.ozjjkx
Suite Wallet - Package: co.median.android.mpeaaw
Meteora Exchange - Package: co.median.android.kbxqaj
Raydium - Package: co.median.android.epwzyq
SushiSwap - Package: co.median.android.pkezyz
Raydium - Package: co.median.android.pkzylr
SushiSwap - Package: co.median.android.brlljb
Hyperliquid - Package: co.median.android.djerqq
Suite Wallet - Package: co.median.android.epeall
BullX Crypto - Package: co.median.android.braqdy
Harvest Finance blog - Package: co.median.android.ljmeob
Pancake Swap - Package: co.median.android.djrdyk
Hyperliquid - Package: co.median.android.epbdbn
Suite Wallet - Package: co.median.android.noxmdz
