People using crypto wallets are under threat due to some fake apps on the Google Play Store. According to sources, more than 20 fake crypto wallet apps have been discovered by cybersecurity experts on the Google Play Store. These apps disguised as crypto wallet apps are made to steal your wallet information.
The list of apps comes courtesy of Cyble, discovering a raft of apps tricking their way into the Play Store. The apps have successfully mimicked the names and icons of a legitimate digital wallet. Right after the app is installed and opened, they open a phishing website or an in-app WebView. Furthermore, it requests the mnemonic phrases that can be used to empty the wallet. Also, it steals users’ sensitive wallet recovery data.
What are These Apps?
As per the sources, the malicious apps found on the Play Store are stealing Mnemonic Phrases of crypto wallet applications:
| Name | Package name | Privacy Policy |
| Pancake Swap | co.median.android.pkmxaj | hxxps://pancakefentfloyd.cz/privatepolicy.html |
| Suiet Wallet | co.median.android.ljqjry | hxxps://suietsiz.cz/privatepolicy.html |
| Hyperliquid | co.median.android.jroylx | hxxps://hyperliqw.sbs/privatepolicy.html |
| Raydium | co.median.android.yakmje | hxxps://raydifloyd.cz/privatepolicy.html |
| Hyperliquid | co.median.android.aaxblp | hxxps://hyperliqw.sbs/privatepolicy.html |
| BullX Crypto | co.median.android.ozjwka | hxxps://bullxni.sbs/privatepolicy.html |
| OpenOcean Exchange | co.median.android.ozjjkx | hxxps://openoceansi.sbs/privatepolicy.html |
| Suiet Wallet | co.median.android.mpeaaw | hxxps://suietsiz.cz/privatepolicy.html |
| Meteora Exchange | co.median.android.kbxqaj | hxxps://meteorafloydoverdose.sbs/privatepolicy.html |
| Raydium | co.median.android.epwzyq | hxxps://raydifloyd.cz/privatepolicy.html |
| SushiSwap | co.median.android.pkezyz | hxxps://sushijames.sbs/privatepolicy.html |
| Raydium | co.median.android.pkzylr | hxxps://raydifloyd.cz/privatepolicy.html |
| SushiSwap | co.median.android.brlljb | hxxps://sushijames.sbs/privatepolicy.html |
| Hyperliquid | co.median.android.djerqq | hxxps://hyperliqw.sbs/privatepolicy.html |
| Suiet Wallet | co.median.android.epeall | hxxps://suietwz.sbs/privatepolicy.html |
| BullX Crypto | co.median.android.braqdy | hxxps://bullxni.sbs/privatepolicy.html |
| Harvest Finance blog | co.median.android.ljmeob | hxxps://harvestfin.sbs/privatepolicy.html |
| Pancake Swap | co.median.android.djrdyk | hxxps://pancakefentfloyd.cz/privatepolicy.html |
| Hyperliquid | co.median.android.epbdbn | hxxps://hyperliqw.sbs/privatepolicy.html |
| Suiet Wallet | co.median.android.noxmdz | hxxps://suietwz.sbs/privatepolicy.html |
Along with 2- applications with similar privacy policies and Median framework, the source has also identified two applications with different package names and privacy policies. Regardless of these differences, their underlying objectives remained the same: stealing user’s Mnemonic Phrases.
| Application name | Package names | Privacy Policy |
| Raydium | cryptoknowledge.rays | hxxps://www.termsfeed.com/live/a4ec5c75-145c-47b3-8b10-d43164f83bfc |
| PancakeSwap | com.cryptoknowledge.quizzz | hxxps://www.termsfeed.com/live/a4ec5c75-145c-47b3-8b10-d43164f83bfc |
Why Targeted Crypto Wallet Users?
The cryptocurrency transactions are irreversible and, once compromised, stolen assets are nearly impossible to receive. As a result, crypto wallet users become prime targets for hackers. These attackers exploit fake apps, malware-laden tools, and even legitimate-looking applications to access wallet credentials, seed phrases, and private keys.
Tips to Stay Secure
- Consider 2FA and use apps like Google Authenticator or Authy.
- Store large sums of crypto in offline wallets rather than mobile apps.
- Focus on what data your apps are accessing.
- Ensure your apps and OS are updated to patch vulnerabilities.
- Avoid conducting crypto transactions over an unsecured network.
End Note
With the rise in cybercrime, people need to focus more on digital security. Especially securing your crypto wallet is more than protecting an app. It is about securing the entire digital footprint. The shady apps outlined in the article must be removed to protect your investment. Thus, only trust official sources and be cautious about permissions and never store your recovery phrases digitally.
About The Author
