According to the users who have already been scammed, the app steals Ethereum (ETH) private keys and moves funds. Once the IDEX trader logs in, he/she is immediately blocked and loses access to his/her coins.
Too many red flags
The CryptoVigilante Telegram channel—which addresses cryptocurrency scams and frauds—has reported a very suspicious Android application available on the Google Play store. It impersonates IDEX, the decentralized Ethereum (ETH)-based crypto exchange, which is one of the veterans of the DEX segment.
The application imitates the interface of the mobile version of the real IDEX site, as well as the IDEX logo. No information about official applications, either for Android or iOS, is available on IDEX's main website.
Despite the IDEX exchange working since 2017, this application has been downloaded only 100+ times, according to Google Play statistics.
This shady application was uploaded to Google Play only a month and a half ago by a very strange developer. He/she uses an email address on a free domain as his/her main contact. It appears that this is the only Android application publicly uploaded by this dev.
Moreover, the CryptoComes team has disclosed that there is a downloadable APK-version of this app on some unofficial platforms for Android users.
Victims report losing funds
The application has a 3.9 rating, which would be very low for the official app of a top-notch Ether-based exchange. All public reviews available describe the manner it uses to steal users' funds.
According to the latest review by a victim, the application blocks the user after signing in with his/her private and public keypair for his/her Ethereum account. CryptoVigilante added that the Ether address used by scammers is disclosed.
Etherscan.io indicates that the fraudsters managed to drain the wallets of blatant investors of almost $10,000 in the last five days.
Downloading applications from the official site of a platform with a valid certificate and HTTPS encryption is the only secure way to install a mobile app. Always double check the domain name, certificate and encryption. Typically, this information is available on the left side of the address bar of your browser.