The fake Trezor app has been downloaded by at least 1,000 people on the Android’s app store Google Play.
Trezor, a major hardware cryptocurrency wallet supplier, has warned its users about a fake Trezor application on Google Play.
According to Trezor, the fake app is malicious and has no relation to Trezor or SatoshiLabs, a company that created the Trezor wallet. Announcing the news on Jan. 18, Trezor asked its clients to not install the malicious application, reminding users that they should never share their seed phrase with anyone.
Warning to all Trezor owners using Android devices!
This app is malicious and has no relation to Trezor or SatoshiLabs. Please, don’t install it.
Remember that you should never share your seed with anyone until your Trezor device asks you to do it! pic.twitter.com/6C3iKfPDnR
— Trezor (@Trezor) January 18, 2021
Trezor also provided its users with a short manual on using Trezor wallet with Android. In the manual, the company listed major third-party Trezor apps including Mycelium, Sentinel or Walleth.
At publishing time, the malicious app is still available on Google Play. As of Jan. 18, the app was reportedly downloaded more than 1,000 times. The doppelgänger app also has about 200 reviews on the app store, with the majority warning that it is a scam. “This app is a scam. Never enter your recovery phrase in anything except an official hardware Trezor. Anyone that asks for this phrase (besides a physical Trezor) is trying to scam you),” one supposed user wrote.
Trezor did not immediately respond to Cointelegraph’s request for comment.
This is not the first time that a fake app has been listed on Google Play. In May 2019, Cointelegraph reported on a malicious Google Play app imitating Trezor wallet. The app was found by ESET antivirus researchers, who said that they expect more crypto scam apps to enter the Android store as the crypto market grows.
Online scammers have been targeting other popular crypto companies to impersonate their apps on Google and steal money from users. In May 2020, a cybersecurity researcher discovered 22 malicious Google Chrome extensions imitating crypto services like Trezor’s rival Ledger and major Ether (ETH) wallet MetaMask.