20 Malicious Crypto Apps Found on Google Play Store
The Google Play Store remains the primary platform for Android users to download apps. Despite Google’s strict app verification policies, some malicious applications still manage to bypass security checks and make their way onto the store. This issue becomes even more critical when it comes to crypto wallet apps , where a single mistake can lead to significant financial loss.
According to a new report by Cyble Research and Intelligence Labs , at least 20 crypto phishing apps have been discovered on the Google Play Store. These apps mimic popular cryptocurrency wallets in an attempt to deceive users into handing over their sensitive login credentials. Once installed, they prompt victims to enter their 12-word recovery phrases — giving attackers full access to their digital assets.
“What makes this phishing campaign particularly dangerous is the use of seemingly legitimate apps hosted under previously benign or compromised developer accounts,” Cyble reported. “These apps are supported by a large-scale phishing infrastructure connected to more than 50 domains, significantly expanding the reach of the scam while reducing the chances of detection.”
Some of these fake apps share the same names as genuine wallets but differ in package identifiers, allowing them to avoid immediate suspicion. After filtering out duplicates, here are the 9 newly identified malicious apps found on the Play Store:
- Pancake Swap
- Suite Wallet
- Hyperliquid
- Raydium
- BullX Crypto
- OpenOcean Exchange
- Meteora Exchange
- SushiSwap
- Harvest Finance Blog
Cyble warns that scammers are using developer accounts previously associated with legitimate apps to increase trust and evade Google’s security systems. These accounts are often compromised and repurposed for distributing malware.
If you’ve downloaded any of these apps, it’s crucial to uninstall them immediately. In 2024 alone, losses from crypto-related scams were estimated at $9.9 billion , and experts warn that this number could rise sharply in 2025 due to the increasing use of AI in cybercrime operations.
