The recent cryptocurrency market surge has attracted a lot of attention. Not just because people are making good money, but also because criminals smell new opportunities to scam users. A new report by ESET confirms at least two fake cryptocurrency wallets were available for download on the Google Play Store. Both options are now removed, albeit they were available for far too long.
Fake Cryptocurrency Wallets Remain a Problem
As more and more people rely on mobile devices for their everyday activities, the financial aspect is also shifting to smartphones and tablets. This also means the demand for mobile apps is on the rise, with users not always conducting the necessary research to vet applications. As long as the app in question has a lot of stars or decent user reviews, consumers will be more than eager to give the app the benefit of the doubt.
In most cases, that behavior would not cause any real problems. As far as cryptocurrency wallets are concerned, however, things are very different. Fake offerings often steal users’ funds, with no option of filing a chargeback or recovering the money. This creates a very unusual and worrisome situation when a malicious mobile wallet is discovered.
Researchers at ESET have not found just one but two malicious cryptocurrency wallets in recent months. Both Coin Wallet and Trezor Mobile Wallet were available for download for multiple weeks. In the case of Coin Wallet, it supported 13 different currencies, tokens, and assets. However, all users received the exact same wallet address for the currency of their choice. A very sloppy approach by the scammers, albeit a successful one.
Trezor Mobile Wallet tried to ride the coattails of the popular hardware cryptocurrency wallet Trezor. The company offering these units has no plans to introduce a mobile application. It would appear no funds were stolen through this particular application, as Trezor’s team has built in multiple layers of security to avoid account abuse. Even so, some of the victims’ personal information such as email addresses can be used for further phishing attacks.
It is not the first time fake cryptocurrency wallets make their way to the Google Play Store. In most cases, these apps are reported on the same day as when they become available. These two fake offerings, however, were not removed for several weeks. No one really knows why it took so long, or why users still trust random crypto wallets on a mobile app store.
It is safe to say these scam attempts coincide with the recent market surge of all major cryptocurrencies. Since so many new people enter the crypto space when prices move up, they will look for mobile wallets more often than not. This allows criminals to take advantage of this situation. It seems unlikely this will be the last time fake crypto wallets show up on Android.
Disclaimer: This is not trading or investment advice. The above article is for entertainment and education purposes only. Please do your own research before purchasing or investing into any cryptocurrency or digital currency.