Fake Crypto Apps on App Store: How to Identify and Avoid Malicious Wallets
Security researchers discovered 47 fake cryptocurrency wallet apps on Apple App Store and Google Play that stole $24M from users before removal.
Security researchers at Check Point have uncovered 47 fake cryptocurrency wallet applications on both Apple App Store and Google Play Store that collectively stole $24 million from victims before being removed. The apps mimicked legitimate wallets from MetaMask, Trust Wallet, and Phantom.
How They Work
The fake apps functioned normally for small amounts to build trust. When users imported existing seed phrases or created new wallets with significant funds, the apps silently transmitted seed phrases to attacker-controlled servers. Users typically discovered the theft hours to days later.
How to Stay Safe
Only install wallets from official publisher websites. Verify app publisher names exactly. Check install counts and review dates. Use hardware wallets for significant amounts. Never import seed phrases into mobile apps.
