If you have any of the following apps installed on your phone, you need to delete them right away. These applications managed to successfully deceive Google into being listed in the Play Store, posing significant security risks.
You may feel secure downloading apps from the Play Store, as Google claims to employ Google Play Protect to scan for harmful software. However, some apps have figured out how to slip through the cracks.
A report from Cyble, a global cyber threat intelligence company, has uncovered multiple deceptive apps that direct users to phishing websites when launched. Alarmingly, they open an in-app WebView that asks for sensitive information like mnemonic phrases for digital wallets, essentially giving hackers the keys to users’ cryptocurrency assets.
The mnemonic phrase is crucial because it acts as the “master key” to a digital wallet. With access to this phrase, cybercriminals can quickly drain any associated cryptocurrency or tokens.
Cyble identified that these malicious apps have names similar to reputable wallet services, such as SushiSwap, PancakeSwap, and Hyperliquid, which adds to their deceptive nature. Some developers who originally produced legitimate apps have been compromised to facilitate this scam.
If you have either of these nine apps on your device, it’s crucial to remove them immediately: Pancake Swap, Suite Wallet, Hyperliquid, Raydium, BullX Crypto, OpenOcean Exchange, Meteora Exchange, SushiSwap, and Harvest Finance Blog. These apps employ phishing tactics to extract users’ mnemonic phrases, often through misleading emails or messages that instill fear and urgency.
Although Google has removed many of these apps from the Play Store, they can still harm your device if they remain installed. Therefore, ensure you uninstall any of these malicious applications, even if they are no longer available for download.