News Security

Malware Researcher Discovers Fake Crypto Wallets and Mining Apps on Google Play Store

Pinterest LinkedIn Tumblr

In an elaborate post by Malware researcher Lukas Stefanko, it was revealed that there is a new way for thieves to steal personal information from people. What began as credit card and identity theft has metamorphosed into stealing crypto-related information of unsuspecting users, and their funds. In particular, Stefanko found three fake crypto apps on the Google Play Store; a Neo Wallet (developed by Granville), Tether Wallet (also developed by Granville) and Neo Wallet (developed by Trackers NEO).

However, it doesn’t stop there; apparently, there is also a malware app that has been developed, which goes by the name ‘MetaMask.’ In his report, Lukas Stefanko categorized the fake apps under two categories, in which the first three fell under the “fake wallets” category. The other category is known as “phishing,” which is where the fake MetaMask app falls into. The fake MetaMask app, once installed requests for the user’s wallet password and their private keys—needed to withdraw funds from the account.

Crypto Malware App

In an attempt to see if the same person developed both NEO apps, Stefanko created two unique accounts and realized that the generated QR codes had similarities. The other category, as stated earlier, involves a phishing malware that has been disguised as a MetaMask app, in which users will be required to provide their “wallet password and private user key.”

When the app is downloaded, the user sees the public key but not the private key. Thinking the public address was generated by the app for them, they send money to the “generated public address,” but later find out that they can’t withdraw the funds as they don’t have access to the private keys.

Although the apps mentioned have already been removed from the Google Play Store, all of this only goes to show just how far thieves are willing to go to steal the funds of users.

The Rise of Fake Wallets and Mining Apps

Due to the widespread acceptance that cryptocurrencies enjoy, the act of mining them to make profits has also seen a boom. Various apps on the Google Play Store are specifically created to provide this capability to users, except that these scammy apps promise to mine tokens that can’t be mined, in the first place.

Various apps on the Google Play Store have reportedly sprung up, offering the ability to mine Ripple (XRP) and Tether (USDT).

These “mining” apps are nothing more than schemes of thieves looking to take advantage of the growing curiosity about cryptocurrencies and mass ignorance to fulfill their twisted agenda. As opposed to mining coins, these apps show nothing but ads to their users. One of such apps that claim to help in mining XRP, displays error messages when the user requests for the tokens mined. As soon as a user clicks on the Start button, the app will display hash speeds and an increasing number of coins mined. When the user requests to withdraw the cons mined, the app will immediately show an error message that reads: “Error! Check your wallet address!”

Ads Revenue

A report shared on BleepingComputer revealed that a number of fake crypto mining apps are in no way connected to the crypto assets that they claim to mine; instead, the developers use them to drive ads traffic that generates income by showing ads to users.

They lure users searching for means of earning additional funds through mining but end up showing ads to them. By keeping these users hooked on the app, the more ads impressions they can serve and the more revenue they can generate. The proliferation of fake crypto apps for Android users has been attributed to subpar quality control measures being implemented by Google, which allows these people to feature their fraudulent apps on the Play Store.

Important Note: There have been reports of scammers approaching companies via Telegram, LinkedIn and Other Social platforms purporting to represent Blockonomi and offer advertising offers. We will never approach anyone directly. Please always make contact with us via our contact page here.


Based in the UK, Jimmy has been following the development of blockchain for several years, and he is optimistic about its potential to democratize the financial system. Follow him on Twitter: @adejimi or Contact

Beanstalk Gaming & NFTs
As Featured In
As Featured In