Fake Wallet App
A malicious mobile or desktop app disguised as a legitimate crypto wallet that steals seed phrases or private keys when a user enters or imports them.
Also known as: malicious wallet app, fake MetaMask, wallet clone app
Last reviewed: 10 June 2026
Fake wallet apps impersonate well-known wallets (MetaMask, Trust Wallet, Ledger Live, etc.) on app stores, third-party download sites, or via direct links in phishing messages. They present a convincing interface but their primary function is to capture and transmit any seed phrase or private key the user enters during setup or import.
They are particularly dangerous because the attack requires only that the victim initiates an import, a common action for anyone setting up a new device. Some fake apps function normally for a period before executing the theft, maintaining plausible deniability for the attacker.
Users should only download wallet apps from the developer's official website (not app-store search results) and verify the publisher name exactly. After installation, verify the app's version against the latest release listed on the official site, and never enter a seed phrase into any app until its legitimacy is confirmed through multiple independent sources.