If you think you’re safe just because you download apps exclusively from the Google Play Store, it’s time for a wake-up call. Despite Google Play Protect’s promise of scanning for threats, several dangerous apps have slipped through the cracks — and this time, they’re targeting cryptocurrency users.
According to Cyble, a global cyber threat intelligence firm, nine fraudulent crypto wallet apps made their way to the Play Store, masquerading as legitimate wallet platforms like SushiSwap and PancakeSwap. Once downloaded, these apps phish for your wallet’s mnemonic phrase, effectively giving scammers the keys to your digital fortune.
Here’s the List of Dangerous Apps You Should Delete Immediately:
- Pancake Swap
- Suite Wallet
- Hyperliquid
- Raydium
- BullX Crypto
- OpenOcean Exchange
- Meteora Exchange
- SushiSwap
- Harvest Finance Blog
Why These Apps Are Dangerous
These apps use in-app WebView technology to display phishing websites that trick users into entering their mnemonic phrases — the 12- or 24-word “master key” that grants full access to a digital crypto wallet. Once stolen, attackers can completely drain the contents of your wallet, leaving victims with zero recourse.
What’s worse, some of the developers behind these malicious apps were previously trusted names — but their accounts appear to have been compromised and hijacked by cybercriminals.
What Is a Mnemonic Phrase?
A mnemonic phrase, also known as a seed phrase, is the most critical piece of information for a cryptocurrency wallet. Anyone with access to this phrase can access all associated funds, which is why phishing attacks are so dangerous in the crypto space.
Google Response and What You Should Do
Cyble has shared its findings with Google, and while many of the listed apps have already been removed from the Play Store, some are still under review. However, if you already installed any of these apps, removing them from the Play Store does not protect you.
🔥 Immediate Action Required
If any of the above apps are installed on your device, uninstall them immediately and consider resetting your wallet with a new mnemonic phrase if you suspect any compromise.
How to Stay Safe
- ✅ Download apps only from trusted developers.
- ✅ Double-check app names and developer details before installing.
- ✅ Never share your seed/mnemonic phrase, even if prompted by what looks like an official app or site.
- ✅ Use strong app permissions — deny access to storage, clipboard, and network access if unnecessary.
- ✅ Enable Google Play Protect, but don’t rely solely on it.
Final Word
This incident serves as a reminder that even the Google Play Store is not immune to sophisticated scams. If you’re active in the cryptocurrency space, heightened caution is essential. Always cross-verify app authenticity and never, ever share your seed phrase — no matter how convincing an app or message seems.
