- Fake wallet apps ask for your 12-word phrase and quietly drain your crypto funds
- CRIL found over 20 Play Store apps built solely to steal users’ crypto credentials
- Malicious apps used WebView to fake real login pages from PancakeSwap and others
New research by Cyble Research and Intelligence Labs (CRIL) has uncovered a large-scale phishing campaign involving more than 20 Android applications listed on the Google Play Store.
These apps, which appeared to be legitimate cryptocurrency wallet tools, were created with a singular purpose: stealing users’ mnemonic phrases, the crucial 12-word keys that provide full access to crypto wallets.
Once compromised, victims risk losing their entire cryptocurrency holdings, with no possibility of…
