Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11Series of fake Android apps you should remove from your device immediately
Fake Android apps aren't just found on shady third-party app stores. Sometimes they even make their way to the Play Store. And if you've installed any of these apps, your cryptocurrency wallet is at risk.
- 11 million Android devices infected with malware from Google Play
Fake Wallet Apps Are Stealing Users' Cryptocurrency
Researchers at Cyble Research and Intelligence Labs (CRIL) have discovered 20 cryptocurrency scam apps on the Google Play Store that impersonate legitimate wallet apps like SushiSwap, PancakeSwap, Hyperliquid, and many others, leading users to fake login pages and stealing your mnemonic phrase.
These mnemonic phrases, also known as seeds or recovery phrases, are randomly generated strings of words that you receive when you create a new cryptocurrency wallet. You should hide these phrases because they are essentially human-readable backups of your wallet's private keys.
They can help you regain access to your wallet if your device is lost or stolen. But in the wrong hands, they can also empty your cryptocurrency account. Anyone with access to your mnemonic phrase can access and control the assets in your cryptocurrency account.
CRIL's report mentions the following 20 applications:
| Application Name | Package name |
|---|---|
| Pancake Swap | co.median.android.pkmxaj |
| Suite Wallet | co.median.android.ljqjry |
| Hyperliquid | co.median.android.jroylx |
| Raydium | co.median.android.yakmje |
| Hyperliquid | co.median.android.aaxblp |
| BullX Crypto | co.median.android.ozjwka |
| OpenOcean Exchange | co.median.android.ozjjkx |
| Suite Wallet | co.median.android.mpeaaw |
| Meteora Exchange | co.median.android.kbxqaj |
| Raydium | co.median.android.epwzyq |
| SushiSwap | co.median.android.pkezyz |
| Raydium | co.median.android.pkzylr |
| SushiSwap | co.median.android.brlljb |
| Hyperliquid | co.median.android.djerqq |
| Suite Wallet | co.median.android.epeall |
| BullX Crypto | co.median.android.braqdy |
| Harvest Finance blog | co.median.android.ljmeob |
| Pancake Swap | co.median.android.djrdyk |
| Hyperliquid | co.median.android.epbdbn |
| Suite Wallet | co.median.android.noxmdz |
Note : You will notice some apps are repeated in the above list. That is because many apps are impersonating the same app or sharing the same name to pretend to be the legitimate app. You can differentiate them by their respective package names.
These apps also don't use any technical tricks to trick you. They are originally phishing websites that have been converted into Android apps using the Median framework and distributed on the Play Store using the original developer account that provides the legitimate apps. Some apps bypass the framework and load the phishing website directly in the Android WebView.
Some of these developer accounts have as many as 100,000 downloads. Researchers believe these are old developer accounts that have been compromised and are now being used to distribute these fraudulent apps.
When you see a phishing site impersonating a legitimate wallet, you will be asked to enter a 12-word mnemonic phrase. As soon as you do so, you have handed over your cryptocurrency wallet keys to the hacker.
Always be careful to avoid risks!
This campaign is another reminder that you should always check reviews and app descriptions before downloading, even if you are on the official app store for your platform. When dealing with cryptocurrency apps, check to make sure you are downloading the app from the official developer and not an imposter.
Remember that legitimate cryptocurrency services will never ask for a mnemonic phrase unless you are trying to recover your account manually. If you are asked to enter a mnemonic phrase during a regular login process, something is wrong. In such cases, immediately check the website URL and if it is not a legitimate website, close that tab immediately.
Jessica TannerYou should read it
- Why are Android tablet apps so bad?
- These Android apps with more than 100,000 downloads contain Joker malware, please remove immediately
- This Simple Android App Proves Anything Can Contain Malware
- 10 Android Apps You Should Delete Immediately to Protect Your Privacy
- Detects many malicious Android applications that hide icons themselves to make it harder to uninstall
- Great apps only available on Android
- Top Android apps are free and discounted (May 24, 2019)
- How to identify and avoid fake Android apps in Play Store
May be interested
- 10 apps phishing iPhone users to remove immediately from their phones
those who have previously downloaded these applications need to remove them immediately from their phone. - 10 Android Apps You Should Delete Immediately to Protect Your Privacyyour favorite apps don't just collect information for their own use; they also share it with third parties, all for profit.
- 23 malicious apps that steal Facebook and Instagram accounts and blackmail users, need to be removed immediatelyzimperium security experts recently discovered a series of malicious applications that track android smartphone users to steal facebook, instagram, ... even blackmail device owners.
- Bloatware list can be uninstalled or safely deleted from Android device synthesized by Androidsagethe news site androidsage has compiled a safe bloatware list to help users avoid cases of system errors when removing the default android application with adb.
- These Android apps with more than 100,000 downloads contain Joker malware, please remove immediatelyalthough the apps below have been removed from the play store, they have been downloaded more than 100,000 times.
- Detects many malicious Android applications that hide icons themselves to make it harder to uninstallthreat researchers at australia-based sophoslabs have found 15 android apps, apparently doing nothing but displaying ads on the device. these programs have product names and descriptions from qr readers to photo editors.
- 7 best free Android apps to fake GPSbelow are the best fake gps apps on android. it's all free and doesn't require you to root your phone or tablet.
- How to avoid being fooled by fake Android system notifications?when using a mobile device, you often see system messages randomly popping up, but be cautious because there are lots of malware generated spam phones to display such a message, this is a new types of attacks appear recently.
- 10 million Android users are tricked into downloading fake Samsung applicationsaccording to a new report by csis securtu group, about 10 million android users have been tricked into downloading an advertised app that can update android and help them improve their smartphone performance.
- Instructions to restore deleted applications on Android / iOSwhat if you accidentally delete the application on android or ios and want to restore it? this article will show you how to recover deleted apps on android and ios.
Technology story
- List of Apple Watch models that support watchOS 26
- New feature turns AirPods into a remote camera control device for iPhone
- Microsoft claims Edge browser performs better than Chrome on Windows
- Intel or AMD Chips Are Better for Windows 11 Pro? Microsoft is Controversial Again!
- CD burning application suddenly 'reappears' on Windows 11 with 64-bit version
- List of Mac devices that will support macOS 26
List of Apple Watch models that support watchOS 26
New feature turns AirPods into a remote camera control device for iPhone
Microsoft claims Edge browser performs better than Chrome on Windows
Intel or AMD Chips Are Better for Windows 11 Pro? Microsoft is Controversial Again!
CD burning application suddenly 'reappears' on Windows 11 with 64-bit version
List of Mac devices that will support macOS 26