Counterfeit crypto asset applications threaten asset security, and weaknesses in app store review call for vigilance.
Security Risks of Crypto Assets Applications: Hidden Dangers in App Stores and Preventive Measures
In recent years, as the crypto assets industry has boomed, related applications have sprung up in mobile app stores like mushrooms after rain. These applications give users a wealth of trading, investment, and digital asset management tools. Among them, however, are cleverly disguised scam applications that pose a serious threat to the security of users' assets.
This article takes the iOS App Store as an example to examine the counterfeit crypto asset software found in the current app market, analyze the reasons behind it, and illustrate through practical cases the harm these high-fidelity imitations can cause, in order to remind users to be vigilant.
The Current Situation of Counterfeit Crypto Assets Applications
Two well-known crypto asset platforms serve as examples. Their high visibility in the industry has made them primary targets for scammers to imitate.
A certain multi-chain NFT marketplace platform provides users with services to buy, sell, and discover digital artworks. However, a team member of the platform discovered on March 7 that counterfeit applications imitating the platform had appeared in the app store, using the platform's reputation to commit fraud. These fraudulent applications mimic the official website and user interface, luring users to download and use them, and then requesting sensitive information such as wallet private keys to carry out the scam. Since the platform does not have an official application in the mobile app store, it is difficult for users to identify the authenticity of these malicious applications.
Similarly, counterfeit applications have appeared for a decentralized exchange based on a public chain. The comments section of the app is filled with warnings about scams. Users have reported that after downloading the app from the app store and linking their wallets, authorization operations led to the theft of $1250 of their funds. In addition, the app steals users' mnemonic phrases for further theft.
Scam Address Analysis
A victim user stated on social media that he downloaded a counterfeit application of a certain DEX from the app store, and after linking his wallet, his mnemonic phrase was stolen, resulting in all his on-chain assets being cleared. Based on the scam address published by the user, we conducted an in-depth analysis.
The analysis results show that from January 11, 2024, to March 30, 2024, the address stole the mnemonic phrases of 298 suspected victims and laundered funds amounting to 353.6 ETH and 330,500 USDT. The types of Crypto Assets flowing into this address were diverse, mainly consisting of various niche tokens. The hacker used a certain DEX to exchange these tokens for USDT, which were then dispersed and stored in four different addresses. Some of the profit funds have been transferred through cross-chain bridges or directly to a certain centralized exchange. Currently, this scam address has been marked as a phishing address and ceased activity on March 30.
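The kind of tally behind figures like these, shown as an added example rather than the analysts' own tooling. All addresses, service labels and transfer records below are constructed placeholders; the point is that inbound transfers from labelled infrastructure (such as the DEX used for swaps) must be excluded before counting suspected victims.

```python
from collections import defaultdict
from decimal import Decimal

FLAGGED = "0xSCAM"  # placeholder for the reported scam address
# Assumed labels for known infrastructure (DEX router, bridge, exchange deposit).
KNOWN_SERVICES = {"0xDEX_ROUTER", "0xBRIDGE", "0xCEX_DEPOSIT"}

# Constructed transfers: (ISO date, sender, recipient, asset, amount)
TRANSFERS = [
    ("2024-01-11", "0xVICTIM_A", FLAGGED, "TOKEN_X", "1200"),
    ("2024-01-11", "0xVICTIM_A", FLAGGED, "ETH", "0.8"),
    ("2024-02-02", "0xVICTIM_B", FLAGGED, "TOKEN_Y", "50"),
    ("2024-02-03", FLAGGED, "0xDEX_ROUTER", "TOKEN_X", "1200"),
    ("2024-02-03", "0xDEX_ROUTER", FLAGGED, "USDT", "900"),  # swap proceeds, not a victim
    ("2024-02-04", FLAGGED, "0xSTORE_1", "USDT", "500"),
    ("2024-02-04", FLAGGED, "0xSTORE_2", "USDT", "400"),
    ("2024-03-01", "0xUNRELATED", "0xVICTIM_B", "ETH", "1"),  # does not touch FLAGGED
    ("2024-03-30", FLAGGED, "0xBRIDGE", "ETH", "0.8"),
]

def summarize(transfers, flagged, services):
    """Summarize suspected victims, stolen assets and outflows for one address."""
    victims = set()
    stolen = defaultdict(Decimal)     # asset -> amount from non-service senders
    dispersal = defaultdict(Decimal)  # (destination, asset) -> amount sent out
    dates = []
    for date, src, dst, asset, amount in transfers:
        if flagged not in (src, dst):
            continue
        dates.append(date)
        value = Decimal(amount)
        if dst == flagged and src not in services:
            victims.add(src)
            stolen[asset] += value
        elif src == flagged:
            dispersal[(dst, asset)] += value
    return {
        "suspected_victims": len(victims),
        "stolen_by_asset": dict(stolen),
        "storage_addresses": sorted({d for d, _ in dispersal if d not in services}),
        "service_outflows": {k: v for k, v in dispersal.items() if k[0] in services},
        "active": (min(dates), max(dates)) if dates else None,
    }

if __name__ == "__main__":
    for key, value in summarize(TRANSFERS, FLAGGED, KNOWN_SERVICES).items():
        print(key, value)
```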
These cases clearly indicate that the threat of counterfeit crypto assets applications is real and urgent. This not only harms the interests of users but also negatively impacts the reputation of related brands. The craze for crypto assets has raised higher demands on the review process of mobile application stores.
Reasons for the Proliferation of Counterfeit Applications
The review process has vulnerabilities.
Despite the strict review process of app stores, there are still some loopholes. Developers may exploit these loopholes to temporarily pass off counterfeit or fraudulent applications. App stores typically rely on automated tools and manual checks to assess the security of applications, but once an application is approved for listing, if it is later used for malicious purposes, it may take some time to be discovered and removed. Criminals take advantage of this time lag to quickly spread malware, causing harm to unsuspecting users.
Abuse of technical means
Malicious developers may use advanced technical means to evade security detection. For example, techniques such as code obfuscation and dynamic content loading can conceal an application's true intent, making it difficult for automated security detection tools to recognize its fraudulent nature. These methods provide a layer of protection for counterfeit applications, allowing them to appear as legitimate software while under review.
Exploitation of user trust
Developers of counterfeit applications mislead users into downloading and using their apps by imitating the appearance and name of well-known applications, leveraging users' recognition and trust in the brand. Since users generally believe that the applications in app stores are rigorously vetted, they may not conduct the necessary scrutiny, making them more susceptible to becoming victims of fraud.
Prevention Suggestions
To prevent such situations, app stores should continuously improve their app review processes; official projects should promptly combat counterfeiting; Crypto Assets users should take preventive measures, such as carefully checking developer information, thoroughly reading app ratings and feedback before downloading, and promptly reporting suspicious apps.
Only through the joint efforts of multiple parties can we create a safer environment for users to use Crypto Assets applications and protect the security of users' assets.
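One way a project team or a cautious user could apply the developer-information check described above, as an added example that is not from the original article. The brand names, sellers, bundle IDs and the 0.8 similarity threshold are hypothetical; an empty official set models a brand that publishes no app at all, as with the NFT marketplace case earlier.

```python
import unicodedata
from difflib import SequenceMatcher

# Hypothetical registry a project might publish: brand -> official (seller, bundle_id) pairs.
# An empty set means the brand has no official app in the store.
OFFICIAL = {
    "ExampleSwap": {("ExampleSwap Labs Ltd", "com.exampleswap.wallet")},
    "ExampleNFT": set(),
}

# Constructed store listings for illustration.
LISTINGS = [
    {"name": "ExampleSwap - DEX Wallet", "seller": "ExampleSwap Labs Ltd",
     "bundle_id": "com.exampleswap.wallet"},
    {"name": "Examp1eSwap", "seller": "QuickApps Studio", "bundle_id": "com.quickapps.esw"},
    {"name": "ExampleNFT Marketplace", "seller": "Pixel Trade Inc",
     "bundle_id": "com.pixeltrade.nft"},
    {"name": "Weather Today", "seller": "Sky Apps", "bundle_id": "com.sky.weather"},
]

def normalize(name):
    """Fold case and compatibility forms; drop spaces and punctuation."""
    folded = unicodedata.normalize("NFKD", name).casefold()
    return "".join(ch for ch in folded if ch.isalnum())

def resembles(listing_name, brand, threshold=0.8):
    """True if the listing name contains the brand or is a near-miss spelling of it."""
    a, b = normalize(listing_name), normalize(brand)
    return b in a or SequenceMatcher(None, a, b).ratio() >= threshold

def classify(listing, official=OFFICIAL):
    """Return (brand, verdict) for one listing."""
    for brand, apps in official.items():
        if not resembles(listing["name"], brand):
            continue
        if (listing["seller"], listing["bundle_id"]) in apps:
            return brand, "official"
        if not apps:
            return brand, "suspect: brand publishes no app"
        return brand, "suspect: seller/bundle not on official list"
    return None, "unrelated"

if __name__ == "__main__":
    for item in LISTINGS:
        print(item["name"], "->", classify(item))
```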