A new cybersecurity alert has sent shockwaves across the crypto community. According to a report by Cyble Research and Intelligence Labs (CRIL), over 20 fake cryptocurrency wallet apps have been found on Google Play Store. These apps are designed to steal users’ wallet recovery phrases, putting their entire crypto balance at serious risk.
These malicious apps are disguised as legitimate crypto wallet tools. Their primary objective is to trick users into entering their 12-word recovery phrase — a critical key that allows access and restoration of any crypto wallet. Once this phrase is compromised, hackers gain complete control over the user’s digital assets and can transfer all funds without detection.
Uploaded via legitimate-looking developer accounts that previously launched games or video apps.
Contain phishing links and mimic the look and feel of trusted DeFi wallets.
Target users of popular decentralized platforms like SushiSwap, PancakeSwap, Raydium, and Hyperliquid.
Use names, icons, and package IDs that appear authentic, making it easy for users to be deceived.
| App Name | Package Name |
|---|---|
| Suiet Wallet | co.median.android.ljqjry |
| SushiSwap | co.median.android.pkezyz |
| Raydium | co.median.android.epwzyq |
| Hyperliquid | co.median.android.epbdbn |
| BullX Crypto | co.median.android.braqdy |
| Pancake Swap | co.median.android.djrdyk |
| OpenOcean Exchange | co.median.android.ozjjkx |
| Raydium | co.median.android.pkzylr |
| Hyperliquid | co.median.android.djerqq |
| Suiet Wallet | co.median.android.noxmdz |
| Suiet Wallet | co.median.android.epeall |
| SushiSwap | co.median.android.brlljb |
| Meteora Exchange | co.median.android.kbxqaj |
| BullX Crypto | co.median.android.ozjwka |
| Suiet Wallet | co.median.android.mpeaaw |
| Hyperliquid | co.median.android.aaxblp |
| Raydium | co.median.android.yakmje |
| Hyperliquid | co.median.android.jroylx |
| Pancake Swap | co.median.android.pkmxaj |
| Harvest Finance Blog | co.median.android.ljmeob |
| (Repeat) Hyperliquid | co.median.android.epbdbn |
| (Repeat) Raydium | co.median.android.epwzyq |
Delete any of the apps listed above if installed on your device.
Never enter your wallet recovery phrase in any unofficial app or website.
Download wallet apps only from verified sources or the official website of the crypto platform.
Enable two-factor authentication (2FA) for added security.
Monitor your wallet activity regularly and report any suspicious transactions.
Go to Settings > Apps or Apps & Notifications
Locate the suspicious app
Tap on it and select Uninstall
If the app has device admin access and won’t uninstall:
Go to Settings > Security > Device Admin Apps
Disable the app’s admin access
Go back and uninstall it
Even apps on the Google Play Store can be deceptive. Just one careless tap can lead to the theft of your entire crypto portfolio. Always double-check, install apps only from trusted sources, and never share your seed phrase with anyone.
Share this warning with your crypto circles – your one click might save someone’s savings.
