A crypto wallet drainer app posing as WalletConnect has stolen over $70,000 from unsuspecting users on the Google Play Store, according to a report by Check Point Research. The malicious app used “advanced evasion techniques” to avoid detection for over five months, tricking more than 150 users into linking their wallets.
The fake app, originally called “Mestox Calculator,” first appeared in March and underwent several name changes to stay undetected. By using a harmless calculator front, the app passed Google Play’s security checks. However, once installed, it redirected users to a backend that drained crypto wallets.
The app fooled users by asking them to connect their wallets and approve permissions, which allowed the attackers to steal funds. Not everyone was affected — only those who connected a wallet or met the malware’s specific targeting criteria.
According to a report by Check Point Research, after being downloaded more than 10,000 times, the app has since been removed from the store. This is the first time a drainer app has exclusively targeted mobile users, making it a significant security concern for crypto holders.
This incident highlights the growing threat of mobile-targeted scams in the cryptocurrency space. Users should always be cautious and verify the authenticity of apps, especially when it comes to connecting their wallets to unknown platforms.
Also Read: Scammers Burn Solana Tokens Seconds After Purchase From Inside User Wallets