Cybersecurity warnings aren’t new, but when the government and top cybersecurity experts start urging people to immediately delete specific apps, it’s time to pay attention. In June 2025, a joint alert by cybersecurity watchdogs and government agencies warned Android users to delete over 10 dangerous apps or risk losing access to their personal data, banking information, and even cryptocurrency.
These apps have been found to contain malware designed to steal sensitive data such as login credentials, financial information, and recovery phrases for crypto wallets. Some even gain unauthorized control over your device, turning your smartphone into a tool for cybercriminals.
This is not the first time Android users have been targeted. In 2023, a similar campaign using malicious apps disguised as banking tools resulted in over $10 million in financial losses globally, according to data from Kaspersky Labs. This shows a clear trend: cybercriminals are getting smarter, and mobile users must evolve to stay ahead.
Delete These 10 Dangerous Apps Now
| Feature | Details |
|---|---|
| Government Alert Date | June 2025 |
| Number of Dangerous Apps Identified | 20+ (10 flagged as high-risk) |
| Main Threats | Data theft, crypto scams, malware infection |
| Target Platforms | Primarily Android |
| Impersonated Apps | PancakeSwap, SushiSwap, Hyperliquid, BullX Crypto, and others |
| Malware Type | Trojanized crypto wallet apps |
| Official Source | Indian Cybercrime Coordination Centre (I4C) and cybersecurity firm Cyble |
The digital age comes with many conveniences—but also real dangers. Fake apps, especially those targeting crypto users, are getting smarter and harder to detect. This recent government advisory is a crucial reminder to stay vigilant, verify sources, and never share your recovery phrases.
If you’ve downloaded one of the apps listed, act quickly. Delete, scan, and secure your assets before it’s too late. Your smartphone is more than just a device—it holds your identity, money, and data. Protect it like you would your home.
Why These Apps Are So Dangerous
Imagine downloading what looks like a legitimate crypto wallet app. It has great reviews, familiar branding, and even claims to support platforms like SushiSwap or PancakeSwap. But hidden beneath this convincing surface is malware that captures your 12-word seed phrase or private keys—giving hackers full access to your funds.
According to Cyble, these apps are expertly disguised. They mimic the look, feel, and function of real financial apps but are designed to phish sensitive data.
“Some apps prompt users to enter their crypto wallet recovery phrases during setup. This is a major red flag and a sign of a malicious app,” says a Cyble spokesperson.
Moreover, many of these apps are developed and distributed through third-party websites or alternative app stores, bypassing the scrutiny of major platforms like Google Play. Once installed, they use backdoors to maintain persistence, even after being deleted.
Full List of Flagged Apps (June 2025)
While more than 20 apps have been identified, here are the top 10 dangerous apps you should delete immediately:
- PancakeSwap Wallet Clone
- SushiSwap Wallet Fake
- Hyperliquid Wallet Copycat
- Raydium Exchange Fake App
- BullX Crypto Clone
- OpenOcean Wallet
- Meteora Exchange Wallet
- Harvest Finance Copy
- Suiet Wallet Phishing App
- TokenPocket Clone
Note: The actual package names may vary. Always verify the publisher’s name on the Play Store or use official links from the project websites.
How These Malicious Apps Work
1. Look-Alike Branding
They use authentic logos, color schemes, and user interfaces to appear genuine.
2. Seed Phrase Theft
When setting up the app, users are prompted to input their recovery phrases—giving full access to hackers.
3. Hidden Permissions
Many request permissions they don’t need, such as access to SMS, storage, or device admin controls.
4. Bypassing Google Play Protect
These apps often avoid detection by using advanced obfuscation techniques, making them harder for security tools to flag.
5. Silent Background Activity
Some apps remain hidden in the background, waiting to intercept login sessions, scan contacts, or spy on keystrokes.
6. Spreading via Phishing Links
Some of these apps are promoted through social media ads, phishing emails, or fake websites that mimic the real crypto platforms.
What You Should Do Right Now
Step 1: Check Your Apps
Go to your phone’s Settings > Apps and scan for any of the apps listed above.
Step 2: Uninstall Suspicious Apps
If you find any, uninstall them immediately. If you can’t, go to Settings > Security > Device Admin Apps, disable them, and then uninstall.
Step 3: Run a Security Scan
Use Google Play Protect or a trusted antivirus like Bitdefender, Malwarebytes, or Norton Mobile Security to scan your device.
Step 4: Change Passwords
If you’ve used any of these apps, immediately change all related account passwords and consider enabling 2FA (Two-Factor Authentication).
Step 5: Monitor Financial Activity
Keep a close eye on your bank statements and crypto wallets for any suspicious activity.
Step 6: Consider a Factory Reset
If your phone is behaving abnormally or if malware persists, consider doing a full factory reset—after backing up essential data.
Step 7: Report the App
Report malicious apps to Google Play, the Indian Cybercrime Portal, or your country’s equivalent cybersecurity body. This helps prevent further spread.
How to Identify Fake Apps in the Future
- Check Developer Info: Legit apps are published by trusted developers.
- Read Reviews Carefully: Many fake apps have generic or overly positive reviews.
- Use Official Links: Always download from official websites or trusted app store links.
- Avoid Unknown App Stores: Stick to Google Play or Apple App Store.
- Watch Permissions: Be skeptical of apps requesting permissions unrelated to their purpose.
- Search Before Installing: A quick Google search can reveal if a new app is being flagged by security researchers.
Studio Ghibli’s Magic Takes Over India – Udaipur Tops Search Trends!
New Expressway Project Between Noida & Greater Noida in the Works – Details Here
WhatsApp Users Beware! Hackers May Be Accessing Your Private Data!
Expert Insights and Recommendations
Cybersecurity experts suggest the following:
- Use Hardware Wallets: For storing large amounts of cryptocurrency, hardware wallets like Ledger or Trezor are more secure.
- Install App Verification Tools: Apps like VirusTotal or AppChecker can analyze and flag suspicious APKs.
- Enable Play Protect Settings: Go to Play Store > Play Protect settings > Enable full scanning.
- Avoid Entering Recovery Phrases on Phones: Only enter your recovery phrases into secure environments, preferably offline or hardware devices.
FAQs
Q1: What if I already installed one of these apps?
Delete it immediately, run a full antivirus scan, and change your account credentials—especially your wallet recovery phrases.
Q2: Are iPhones also affected?
Most reported cases involve Android. However, iOS users should also be cautious about third-party app downloads.
Q3: How do I know if an app is safe?
Check for official links, developer authenticity, and permissions requested. When in doubt, do a quick online search.
Q4: Can Google Play be trusted?
While Google Play uses Play Protect, malicious apps can still slip through. Always be cautious and double-check.
Q5: What is the safest way to manage crypto wallets?
Use hardware wallets or reputable apps like Trust Wallet, MetaMask (official site only), and Ledger Live.
Q6: How often should I audit my installed apps?
A monthly audit of your apps is recommended. Remove anything you don’t recognize or no longer use.
Q7: What tools can help me spot fake apps?
Use app analysis platforms like VirusTotal or use mobile antivirus tools that offer real-time protection.
Q8: Can two-factor authentication help protect against these threats?
Yes. Always enable 2FA on every account. It adds a layer of security even if credentials are compromised.
Q9: Is using public Wi-Fi risky with sensitive apps?
Yes. Avoid managing wallets or entering sensitive information over unsecured Wi-Fi networks. Use a VPN if needed.
