Exposing the Fake Wallet Industry in the Crypto Market

This article aims to expose the concepts, dangers, distribution and dissemination methods of fake wallets, so that users can fully understand the dangers of using and spreading fake wallets, and hope to improve users' ability to identify fake wallets and fake official websites, ensuring that users can safely and securely control their assets.

Nowadays, the concept of blockchain has been deeply rooted in people's minds, and digital wallets have become the main way for people to understand and participate in the blockchain ecosystem. However, driven by profit, some people take risks and embark on the criminal path of making and spreading fake wallets. Currently, fake wallet websites and applications already exist in large numbers on the Internet, becoming a "stumbling block" for novices to get started, and bringing huge potential risks to personal assets.

This article aims to expose the concepts, dangers, distribution and dissemination methods of fake wallets, so that users can fully understand the dangers of using and spreading fake wallets, and hope to improve users' ability to identify fake wallets and fake official websites, ensuring that users can safely and securely control their assets.

What is a fake wallet?

Fake wallets are created by fraudsters by decompiling genuine wallet apk or ipa, adding the function of stealing private key and mnemonic data used to create or import wallets, repackaging and distributing them to the network to guide users to download. Once a user downloads and uses a fake wallet, the private key and mnemonic data will be automatically synchronized to the fraudster's server for monitoring. Once a large amount of assets is detected, they will be immediately stolen or malicious multi-signatures will be set, eventually leading to asset theft.

You can view the wallet version number, hash value and other data through the download page of the TokenPocket official website. Any client that does not match the official version data is a fake wallet. You can verify the authenticity of the wallet through the installation package hash value verification tutorial.

Genuine TokenPocket verification method:

1️⃣Official website verification: https://verify.tpwallet.io/

2️⃣Text tutorial: https://help.tokenpocket.pro/en/secirity-knowledge/protective-measures/verification

3️⃣Video tutorial: https://www.bilibili.com/video/BV18M4y1B7Hy

Note: For genuine TP Wallet, please identify the developer as: TP Global Ltd

Fake wallets are a huge threat

Third-party channel data:

The Trend+ research team found fake versions of all the most popular crypto wallet apps, including TokenPocket, imToken, MetaMask, Trust Wallet, and Bitpie. In total, researchers said they found 249 fake apps that were downloaded by victims around the world, including the United States, France, Germany, Australia, New Zealand, and Japan.

 Data source: Trend+ Security Team

The research results of the SlowMist AML team show that according to incomplete statistics, as of 2021, the number of victims whose assets were stolen due to downloading fake wallet apps has reached tens of thousands, and the amount of stolen assets has reached 1.3 billion US dollars. At present, this stolen data is still in an explosive growth trend.

According to statistics on victim information collected by SlowMist MistTrack, the proportion of thefts due to downloading fake wallet apps accounted for 61% of the victims' thefts, while private key leakage accounted for 28%. Other reasons included authorization theft, fraud, and contract loopholes.

 Data source: SlowMist Security Team

The Bitrace team has been paying close attention to the criminal trend of currency theft for a long time, and has conducted special analysis, tracking and reporting on this type of fake wallet multi-signature scam.

The main symptoms of malicious multi-signature of TRON wallets caused by fake wallets are: unable to use their own cryptocurrency wallet APP normally, specifically manifested as transfer errors, unable to call other on-chain contracts, but transfers are normal, and finally the assets in the account are transferred away at once. After investigation, it was found that the download of fake wallet APPs led to key leakage, and then the thieves illegally changed the account permissions.

 Data source: BiZhui Security Team

Based on the data from the BitTorrent, SlowMist and Trend+ security teams, we can fully see the serious harm caused by fake wallets and the huge amount of assets defrauded. These fraudulent activities are spread through various means, and a huge industrial chain has been formed behind them. Fake wallet fraud activities widely harm the user group and cause serious economic damage to users.

Fake wallet production and distribution channels

1. Search engine channels:

In our daily lives, search tools have become a very common channel for obtaining information. Because of their universality, scammers cleverly use people's usage habits and the optimization of search product rankings to achieve their fraudulent purposes. Data shows that scammers manipulate search engine results, optimize the exposure of false information, and place fraudulent content such as fake wallet source codes at the forefront of user search results, increasing the possibility of being viewed or spread.

For example, using [TP wallet source code] to search in Google and Baidu, some results are as follows:

 Baidu search results

 Google Search Results

2. Video distribution channels

The spread of fake wallets through video platforms has become a major channel, with a clear upward trend recently, becoming another "highlight" for scammers after spreading fake official websites. The spread of videos is very misleading to new users and is more harmful. The following is a display of some of the search results.

3. Social media channels

Fake wallet source codes are also spread through social platforms, especially in QQ communities, WeChat communities, and Telegram communities. Fraudsters take advantage of the wide user base of social platforms to spread tutorials and promotions of fake wallet source codes in groups, and even lure users to participate in the distribution and dissemination of fake wallets or fake wallet source codes, and distribute profits according to the proportion of dissemination performance or the proportion of stolen assets.

The following are some malicious source codes or content spread by the stolen assets technology community.

The spread of fake wallet source code and the creation of fake wallets are the root causes of fake wallet dissemination. Through the above channels, we learned that the current situation is not optimistic. Scammers make full use of the mainstream channels of network dissemination to form a complete industrial chain. This poses a huge threat to the entire blockchain environment, because almost all mainstream wallets can find information about fake wallets on the Internet.

Fake wallet distribution channels

Baidu is the most commonly used search engine, with a historical market share of 84.3%, followed by Bing and Sogou. The search engine market share data are as follows:

The results of searching for TP wallet on the top four search engines are as follows:

 Baidu search

 Bing Search

 Sogou Search

 Google Search

According to the search data above, fraudulent activities disguised as fake wallets have spread widely to mainstream search platforms. These fraudulent activities usually spread fake wallets by forging official website links, making fake videos or using other means of guidance.

We strongly recommend that users improve their security awareness and make sure to visit the TP wallet official website: tokenpocket.pro tpwallet.io or other official recommended channels (Google Play, etc.). Using a genuine wallet is the most basic guarantee for asset security.

How to prevent fake wallets

Downloading and verifying wallets are basic knowledge that we should all master in the blockchain field. At the same time, it is crucial to develop good usage habits, especially for decentralized self-custody products, be sure to choose official channels. Here are some suggestions to help reduce the risk of encountering fraudulent activities.

1. Choose search results carefully: When choosing search results, avoid relying on the recommended results in the search engine. Fraudsters may promote fake wallets by forging official website links, making fake videos, or other deceptive means. Using the official website link is the safest choice.

2. Verify the official website: Only use the official website to access the wallet. For TokenPocket users, make sure you only use tokenpocket.pro tpwallet.io or other official recommended channels (GooglePlay, etc.).

3. Use enhanced security products: TokenPocket supports diversified security products, such as cold wallets, hardware wallets, multi-signature wallets, AA smart wallets, Passphrase hidden wallets, NFC backup cards, privacy wallets, etc. These functions or products provide additional security and play a decisive role in the security of assets.

4. Strengthen learning: Continue to learn about the security and anti-fraud knowledge of blockchain wallets, and remain vigilant against new fraud methods. By taking these precautions, users can minimize potential risks such as using fake blockchain wallets and ensure the safety of digital assets.

Asset security advice

When using a decentralized self-hosted wallet, the most important thing to avoid is some tedious matters, such as the backup of the private key mnemonics must be done offline, and be kept well to avoid loss or leakage (you can choose an offline backup method such as a backup card using NFC). The most important thing to avoid is security, from phishing scams for small transfers to fake wallets, malicious authorization or malicious multi-signatures, every careless omission may lead to asset risks.

Especially on the Android client, due to its high openness, some malicious apps can easily obtain more permissions. Therefore, please be sure not to use unofficial blockchain-related products at will, and do not use any online platform to save private keys and mnemonics to ensure that your assets are away from potential threats. In the field of digital assets, it is crucial to always be vigilant and cautious.