- Fake WalletConnect app duped users by promising better features than web version.
- Scammers use the name and reputation of the WalletConnect app to trick users and steal $70K.
- The fake application has finally been removed from the Google Play Store.
Recently, the crypto sector has witnessed a worrisome crypto wallet app scam. Scammers managed to steal $70,000 by tricking Web3 users into using a fake WalletConnect app on the Google Play Store.
In reality, WalletConnect does not have an official mobile app to connect crypto wallets to decentralized applications (dApps).
Researchers have described this scam as a world first. Scammers have leveraged the reputation of the legitimate WalletConnect protocol to make users download the fraudulent app.
Now, WalletConnect Foundation has warned everyone regarding the fake app on the Google Play Store through an X post.
Fake WalletConnect App Tricked Users In Scam
WalletConnect is an open source protocol to connect crypto wallets to decentralized applications (dApps) on the web. Their network supports over 150 million connections for over 23 million users globally. WalletConnect has more than 4,000,000 active monthly users.
Recently, scammers leveraged the name and reputation of WalletConnect by creating a fake app on the Google Play Store. First, the fraudulent app was launched under the name “Mestox Calculator.” Then, it went through several changes before its transition to the WalletConnect mobile app.
Attackers used the official project’s logo in the app tile image on the Play Store. The fake WalletConnect app promised users to provide solutions for the problems faced in the actual WalletConnect protocol. Even this fraudulent app managed to get fake reviews.
The malicious app deceived over 10,000 users with the assurance of seamless decentralized wallet connectivity. Over 150 wallets were compromised in the crypto wallet app scam. It resulted in significant financial losses for these users.
They downloaded the fake app on their mobile phones and then got redirected to a malicious website. This site stole details about the wallet and known addresses. Scammers manipulate smart contracts and drain victims’ wallets by looting high-value tokens.
The fake WalletConnect app has managed to bypass the security of the Google Play Store for five months after its launch. This malicious crypto wallet app has robbed $70,000 from over 150 victims.
Fake WalletConnect App Removed From Play Store
Recently, WalletConnect Foundation has officially announced the removal of the fake crypto wallet app from the Google Play Store. They announced a post on X (Twitter) to remind everyone that no WalletConnect app exists.
They have warned crypto users to beware of all the fraudulent apps claiming to be WalletConnect apps.
Also, WalletConnect Foundation has said they are committed to protecting users from such scams. They urged users to follow best security practices to secure their digital assets.
Even the cybersecurity manager at Check Point Research, Alexander Chailytko, has said this incident is a wake-up call for all crypto users. He highlighted the need for advanced, AI-driven security measures to secure crypto assets in the evolving DeFi space.
WalletConnect Launched Token Airdrop Amid Wallet App Scam
The operations of WalletConnect protocol are uninterrupted by the recent fake app incident. They have officially launched the airdrop for the native token Connect Token (WCT).
It is done to invite users to participate in this exciting initiative for earning rewards. WCT tokens play crucial roles in the WalletConnect ecosystem.
The network distributes tokens as rewards to stakers and node operators to maintain the security. Also, it is used to make transactions within the ecosystem. Token holders get governance rights to make crucial decisions regarding network upgrades.
Disclaimer
The information in this article is for educational purposes. It does not constitute financial or investment advice. Readers should conduct their own research before investing in cryptocurrencies.
Crypto assets are highly volatile in nature and carry the risk of financial loss. The author is not liable for any actions taken based on the information provided in this article.