Stop using these 22 Android crypto and wallet apps ASAP, or you risk losing all your cryptocurrency

• Fake wallet apps ask for your 12-word phrase and quietly drain your crypto funds
• CRIL found over 20 Play Store apps built solely to steal users’ crypto credentials
• Malicious apps used WebView to fake real login pages from PancakeSwap and others

New research by Cyble Research and Intelligence Labs (CRIL) has uncovered a large-scale phishing campaign involving more than 20 Android applications listed on the Google Play Store.

These apps, which appeared to be legitimate cryptocurrency wallet tools, were created with a singular purpose: stealing users’ mnemonic phrases, the crucial 12-word keys that provide full access to crypto wallets.

Once compromised, victims risk losing their entire cryptocurrency holdings, with no possibility of recovery.

How the apps work and what makes them dangerous

Many of the malicious apps were built using the Median framework, which enables the rapid conversion of websites into Android applications.

Using this method, threat ...