Delete these 20 fake e-wallet apps from your phone immediately

Cyble Research and Intelligence Labs (CRIL) has discovered more than 20 cryptocurrency-related scam apps operating on the Google Play Store platform.

These malicious apps impersonate legitimate wallets like SushiSwap, PancakeSwap, Hyperliquid, and many other popular wallets, in order to steal the mnemonic phrase - the key to access the real wallet - and drain all of the user's digital assets.

This list of 20 applications includes: Pancake Swap - Suiet Wallet - Hyperliquid - Raydium - Hyperliquid - BullX Crypto - OpenOcean Exchange - Suiet Wallet - Meteora Exchange - Raydium - SushiSwap - Raydium - SushiSwap - Hyperliquid - Suiet Wallet - BullX Crypto - Harvest Finance blog - Pancake Swap - Hyperliquid and Suiet Wallet.

A fraudulent app uploaded to the Play Store was discovered by experts.

According to CRIL, these apps are not isolated incidents but are part of a well-organized, well-executed and ongoing fraud campaign.

During the investigation, the team identified at least 50 domains associated with the campaign, indicating the existence of a technical infrastructure set up to bypass Google Play's moderation mechanisms.

When the user opens the app, a phishing website or fake wallet interface appears. The app asks the user to enter a seed phrase - extremely sensitive security information.

With just a few lines of characters, hackers can gain control of an entire e-wallet and drain all the assets inside. Worse, users will have no way to recover the lost money.

A developer behind a slew of fake apps has been taken down by Google.

CRIL warns: once the mnemonic phrase falls into the wrong hands, all assets in the wallet can "evaporate" in the blink of an eye. Therefore, users need to carefully check their mobile devices and immediately remove suspicious applications, especially wallets of unknown origin.

Never share your recovery phrase in any way. Additionally, enabling Google Play Protect will help strengthen your defenses and reduce the risk of being attacked by malicious apps.

Immediately after the discovery, CRIL immediately sent a report to Google, which resulted in the majority of the malicious apps being removed from the Play Store. However, at the time of publication, some apps were still active on the platform and continued to be reported for processing.

According to CRIL, these fraudulent apps have many common identifying features, such as inserting links to command and control (C&C) servers right in the privacy policy, using similarly structured package names and descriptions. However, they are released under different developer accounts, making it difficult to detect on a large scale.

Here is a list of over 20 Android apps that users are advised to delete immediately from their devices. Note: the app names may be the same, but each app has a different package name.

Source: https://khoahocdoisong.vn/xoa-ngay-20-app-gia-mao-vi-dien-tu-nay-khoi-dien-thoai-post1546920.html