Back

Scam Alert: Fake Android App of Flagship DeFi Aave Protocol Detected in Google Play

Beware: don't download fake Aave Protocol app from Google Play. And don't click on its ads!

article image
Cover image via stock.adobe.com

One of the most popular decentralized financial ecosystems (DeFis), Aave Protocol (AAVE), has been attacked by scammers. While a fake Aave application in Google Play is seeking users' private keys, fraudulent Aave clones occupied the top Google Ads slots.

Not that sort of Aave Protocol (AAVE)

Eagle-eyed DeFi segment enthusiasts have noticed an unauthorized Aave Protocol (AAVE) application in Google Play, Google's official marketplace for Android apps. This application was uploaded to Google Play on Nov. 19 and, since its first release, has already been downloaded 100+ times.

Aave Protocol (AAVE) fake app disclosed in Google Play
Image via Google Play

Needless to say, Aave Protocol (AAVE) has not mentioned any sort of mobile application on its official website. All of the positive reviews do not look like the impressions of normal people, while the latest ones speak for themselves:

This is a scam impersonating AAVE protocol, never insert your private key or seed into this app! (...) Its a SCAM app asking for your Private Key. DO NOT INSTALL!!! (...) Scam app. DO NOT USE! They will ask for your private keys and steal your funds. Beware!

The fake application has plagiarized the original content of Aave, including promotional texts, interface design, logos and the like. The scammers even abused the domain name of Aave, pretending that app@aave.com is their email address.

Also, fake reviews state that users can earn seven percent in APY, while the maximum rate offered by the original Aave Protocol is 5.98 percent for USD Coin (USDC) stablecoin.

Google fails to tackle impersonating frauds

Typically, this sort of fraudulent application is utilized to hijack users' keypairs to drain his/her Ethereum and ERC-20 funds. Also, these apps steal 2FA codes and compromise all devices affected. Thus, crypto holders may lose their seed phrases and passwords.

Unfortunately, this is not the only way impersonators of Aave Protocol may damage Google users. Should DeFi enthusiasts search for "Aave Protocol" on Google, all Google Ads slots will display the domains of scammers. By adding numbers/homoglyphs, they redirect crypto holders to fake Aave sites and also compromise their keypairs.

At the same time, Google remains super cautious when it comes to other types of crypto-focused advertising. But scammers' websites and fraudulent airdrops still disturb the crypto audience.

👉 MUST READ Polkadot (DOT) Breaks Into Top 5, Aave Protocol (LEND) Surpasses Maker, DEX Trading Volume Over $8,000,000,000 In August: DeFi Market Updaterelated article image

Aave Protocol, a veteran DeFi product, is among the top beneficiaries of the ongoing DeFi craze. It witnessed triple-digit gains for several months in a row and was mentioned by CoinGecko as the top performer of July 2020.

Aave Protocol (AAVE) is Top5 DeFi
Image by DeFi Pulse

At press time, it is ranked among the Top 5 DeFis by total value locked (TVL) according to popular analytical service DeFi Pulse.

Only the most important posts per day. Infographics, analytics, reviews & summaries. Follow us on Facebook!

article writer image
Vladislav Sopov

Blockchain Analyst & Writer with scientific background. 5+ years in IT-analytics, 2+ years in blockchain.

Worked in independent analysis as well as in start-ups (Swap.online, Monoreto, Attic Lab etc.)