cryptocurrency drainer

Cybersecurity researchers have discovered a malicious Android application on the Google Play Store that has stolen approximately 0,000 in cryptocurrency from users over nearly five months. The app, disguised as the legitimate WalletConnect protocol, was identified by Check Point and had over 10,000 downloads due to fake reviews and consistent branding. Around 150 users are believed to have been affected, although not all who downloaded the app were targeted. The app operated under various names, including "Mestox Calculator" and "WalletConnect - Airdrop Wallet." It has since been removed from the Play Store but can still be accessed through third-party app stores. The malware, known as MS Drainer, prompts users to connect their wallets and authorize transactions, allowing attackers to withdraw funds. If victims do not revoke permissions, attackers can continue to drain assets from their wallets. Another malicious app, "Walletconnect | Web3Inbox," was also identified, which had over 5,000 downloads.