- ZachXBT uncovered a wallet address used in scams impersonating Hyperliquid apps.
- Fake Hyperliquid apps trick users into sharing seed phrases or approving malicious transactions.
- Google Play Store has seen a rise in fake crypto apps impersonating major wallets and exchanges.
ZachXBT, a well-known crypto investigator, alerted the community to fraudulent apps impersonating Hyperliquid on the Google Play Store. The warning flags apps that present themselves as genuine Hyperliquid platforms but are actually phishing tools designed to steal user funds.
One key address associated with the alert is 0x8c12C21C394D9174c3b1a086A97d2C5523ABb8F5, described as a theft address.
Apps like these are highly dangerous for users because if a user installs a fake app thinking it’s the legit Hyperliquid client, they may inadvertently give away access to their private keys or authorize transactions, leading to fund losses.
He also mentioned that it doesn’t seem Google and the like are doing a good job of keeping these scams off their stores and sites, especially considering this isn’t an isolated case. Google Play Store has seen a rise in fake crypto apps impersonating major wallets and exchanges, demonstrating that even official app stores are vulnerable.
Rise of Scam Apps
In June, researchers at Cyble Research and Intelligence Labs (CRIL) identified more than 20 such malicious crypto-related apps on the Play Store that impersonate real wallets or exchanges, including Hyperliquid, SushiSwap, PancakeSwap, and others. These apps often prompt users for their 12-word recovery phrase or connect them under false pretenses, allowing attackers to drain wallets.
Earlier in the year, ZachXBT linked a major Hyperliquid trader to a scammer in the UK, proving that the platform is already a known target for this kind of activity.
Be on the lookout
Always remember to check Hyperliquid’s website for verified apps or wallet integrations, or any other crypto-related website, for that matter. Never enter your 12-word recovery phrase into any app that isn’t explicitly part of your own hardware wallet or trusted service.
One of the main giveaways is that malicious apps often mimic legit ones but have few reviews and ask unusual permissions.
In the end, as fake crypto apps multiply, security depends less on unreliable app stores and more on user vigilance. Double-check sources, protect seed phrases, and assume every unverified app could be malicious.
Related: Binance Issues Urgent Reminder for Scam Alert Over Fake Listing Agents
Disclaimer: The information presented in this article is for informational and educational purposes only. The article does not constitute financial advice or advice of any kind. Coin Edition is not responsible for any losses incurred as a result of the utilization of content, products, or services mentioned. Readers are advised to exercise caution before taking any action related to the company.