A new cyber threat is making waves in the crypto world. This time, it’s coming straight from the Google Play Store. Security researchers have uncovered a crypto phishing campaign involving dozens of fake crypto wallet apps that are targeting unsuspecting users. These lookalike apps mimic real crypto platforms and trick users into handing over their 12-word recovery phrases, giving attackers full access to their digital assets.
What’s Happening?
Security experts from Cyble Research recently identified more than 20 deceptive apps posing as well-known crypto wallets, including PancakeSwap, SushiSwap, and Raydium. These fraudulent apps are available on the Google Play Store, disguised to look just like the originals.
Once installed, the apps ask users to “import” their wallets by entering their seed phrase, a set of 12 words used to access a crypto wallet. If the user complies, the attackers gain full control of their funds and can drain the wallet completely.
Some of these apps are being uploaded using developer accounts that were either hacked or repurposed after publishing legitimate apps, making them harder to spot.
How the Scam Works
This crypto phishing campaign follows a familiar but effective pattern:
- User downloads a fake wallet app from Google Play, thinking it’s genuine.
- The app prompts for a 12-word recovery phrase during setup.
- Phishing websites are linked within the app’s privacy policy or other sections, reinforcing the illusion of legitimacy.
- The attacker receives the seed phrase and immediately uses it to access and empty the wallet.
- Once that recovery phrase is stolen, there’s no way to reverse the damage. Crypto transactions are irreversible, and funds are gone for good.
Who’s at Risk?
Anyone using crypto wallets on Android is a potential target. These fake apps don’t just fool beginners. They’re sophisticated enough to catch experienced users off guard too, especially if they’re in a rush or not paying close attention.
How to Spot a Fake Wallet App
Here are a few warning signs that an app might not be legit:
- Unknown Developer: If the app developer isn’t the official source or lacks a solid track record, be cautious.
- Inconsistent Branding: Logos, colors, and UI that don’t match the official app.
- Privacy Policy Links to Suspicious Domains: Some of these apps link to phishing websites from within the privacy section.
- Unusual Permissions: If the app asks for permissions it doesn’t need (e.g., SMS, contact access), that’s a red flag.
- Requests for Seed Phrases: No real wallet app should ask for your recovery phrase just to log in.
How to Stay Safe
To avoid falling victim to these kinds of attacks, follow these essential safety tips:
- Only download apps from trusted sources. When possible, install apps directly from the official website of the crypto platform.
- Double-check the developer name and read recent user reviews carefully.
- Never share your recovery phrase with any app, website, or person. Real wallets don’t need it unless you’re restoring a wallet—not just logging in.
- Turn on Google Play Protect, which helps detect potentially harmful apps.
- Consider using a hardware wallet for large amounts of crypto, as it stores your private keys offline.
- Update your apps and phone regularly to ensure you have the latest security patches.
If You’ve Been Targeted: What to Do Now
If you suspect that you’ve installed a fake crypto wallet app or entered your recovery phrase into a suspicious app or site:
- Immediately transfer your funds to a new wallet with a new recovery phrase.
- Secure any linked accounts, like exchanges, by changing passwords and enabling two-factor authentication.
- Report the fake app to Google and notify the affected crypto platform if applicable.
- Warn others – post about the scam in communities or social media to help spread awareness.
Final Thoughts
With crypto adoption growing, it’s no surprise that scammers are stepping up their game. This crypto phishing campaign highlights just how easy it can be to fall for a scam, even in a trusted environment like the Play Store.
Always take your time when installing apps related to finances. Verify everything twice. And remember: your seed phrase is your vault key. If someone else gets it, they get everything.
Stay sharp, stay secure, and share this article to help others stay safe too.