Here’s a list of fake crypto apps you need to uninstall immediately

Cybersecurity researchers are sounding the alarm after uncovering a widespread scam involving dozens of fake cryptocurrency wallet apps available on the Google Play Store. These malicious apps are designed to harvest users’ private wallet information, putting significant amounts of cryptocurrency at risk.

Advertisement

A report released by Cyble Research and Intelligence Labs (CRIL) confirms that more than 20 counterfeit wallet apps have made it past Google’s app review process. These apps impersonate popular decentralised finance (DeFi) platforms such as SushiSwap, PancakeSwap, Hyperliquid, and Raydium, and are actively deceiving users into compromising their digital wallets.

How the scam works

Unlike typical malware, these fake apps use social engineering tactics to gain access to users’ funds. Once installed, the apps request users to input their 12-word recovery phrase—a critical piece of information that serves as the master key to a crypto wallet. Entering it grants attackers full access to the wallet, enabling them to steal funds instantly.

What sets this scam apart is the way it leverages previously trusted developer accounts. Many of these accounts were once used to publish legitimate software, including games and productivity tools. By reusing these accounts, threat actors are able to capitalise on their existing credibility.

To further the illusion, the apps mimic the visual identity, interface layout, and naming conventions of real wallet apps, making them extremely difficult for the average user to identify as fake.

Hidden phishing tactics and seemingly trustworthy apps

Some of these fraudulent apps go a step further by embedding phishing links within their privacy policies—an unusual but highly effective method of misleading users. These embedded links often redirect one to websites designed to trick victims into revealing sensitive information under the guise of user support or verification processes.

Steps you should take

In light of these findings, security experts advise cryptocurrency users to take the following precautions immediately:

*Remove any unfamiliar or unofficial wallet apps from your device.

*Never share your recovery phrase, especially within apps or websites not verified by your wallet provider.

*Download apps only from official sources or developers verified by the platform.

*Activate two-factor authentication where available for an added layer of protection.

*Review your wallet activity regularly to spot and respond to any suspicious transactions.

List of dangerous apps on Google Play Store

This report reflects the increasing sophistication of scams targeting the crypto and DeFi sectors. As adoption grows, so does the appeal for cybercriminals. App store users are reminded that even platforms like Google Play are not immune to exploitation.

Practise caution and re-examine your crypto apps today to prevent financial losses tomorrow.