Crypto wallet apps help cryptocurrency users to create, store, and manage keys, sign transactions, and keep track of funds. However, if these apps are not adequately protected, attackers can exploit security vulnerabilities in them to steal the private keys and gain ownership of the users’ wallets. We develop a semi-automated security assessment framework, Horus, specifically designed to analyze crypto wallet Android apps. We perform semi-automated analysis on 311 crypto wallet apps and manually inspect the top 18 most popular wallet apps from the Google Play Store. Our analysis includes capturing runtime behavior, reverse-engineering the apps, and checking for security standards crucial for wallet apps (e.g., random number generation and private key confidentiality). We reveal several severe vulnerabilities, including, for example, storing plaintext key revealing information in 111 apps which can lead to losing wallet ownership, and storing past transaction information in 11 apps which may lead to user deanonymization
