Apple recently removed a fake and malicious Trezor crypto wallet app from the App Store after a researcher revealed its presence.
In particular, such an app is designed to steal users’ crypto currency. Below are all the details.
Fake Trezor wallet app created to steal crypto: Apple is taking action
As expected, an allegedly malicious app posing as a Trezor crypto hardware wallet has been removed from Apple’s App Store. However, a quick search revealed that other copycat apps are still out there.
Yesterday earlier in the day, Raphael Jacobi, managing partner of Crypto Lawyers, posted a security warning regarding Apple’s App Store. Specifically, Yakobi reported that the first result of a search for “Trezor” was a malicious app designed to steal cryptocurrency.
As a result, it warned Apple users about the risk of the bogus app dubbed “Trezor Wallet Suite”, wrote the following on Twitter:
“The first search result for “Trezor” in the Apple App Store is a malicious app that requests your seed phrase, allowing the operators to steal all of your crypto.
The name of the malicious application is ‘Trezor Wallet Suite’. You can check it out for yourself.
This app has been running for weeks, although the total number of victims is unknown, it could easily run into the hundreds or thousands. The proper and safe use of cryptocurrencies requires extreme due diligence. If you know anyone who uses a Trezor, please let them know.”
Apparently based on the testimonials, the app is no longer men Apple’s App Store, a fact that once again shows Apple’s willingness to remove potential threats to protect users.
Are there any other threats in the App Store related to Trezor wallets?
Despite Apple’s near-immediate resolution of the problem, other users’ searches for “Trezor Wallet Suite” turned up another potentially malicious application called “MyTREZŌR Suite: one edition.”
This application had only two reviews and they were both warnings that it was a scam aimed at stealing cryptocurrency, suggesting that Apple has not yet fully completed the cleanup.
For its part, Apple insists that the apps have been in its official App Store checked and deleted to ensure safety. As a reminder, the safest way to download crypto wallet mobile apps is through the manufacturer’s official website.
It is important to note that while an app is available to Trezor users on iOS, it only offers limited functionality and is considered a supplementary app.
In any case, according to the article published on Apple’s 9to5mac.com, it appears that the world’s largest technology company not particularly supportive of cryptographic apps, which are only approved under strict conditions.
The article actually says the following:
“While Apple claims the App Store is a trusted place to fight sideloading, in reality even Apple can’t keep the App Store scam-free.”
Apple lashes out at Damus over some Bitcoin-related actions
Last week, Apple threatened to ban the Damus app from the App Store because it apparently had a feature that allowed users to exchange tips via Bitcoin.
We see that Nose works similarly to other social networks, such as Mastodon and Bluesky (all somehow inspired by Twitter), but has some unique features.
Damus, an app available for Apple devices, allows users to access Nostr and provides a feature called “Zaps”, which consists of Bitcoin-based microtransactions.
This means that users can “zap” each other as a form of support for content creators. This feature is available in both user profiles and individual posts.
However, recently there have been changes due to a decision by Apple. On Tuesday, Apple even informed Damus developers that the app would be removed from the App Store against company guidelines.
Specifically, Apple reiterated that allowing users to send money in response to content posted on the social network was considered “selling digital content.”
In addition, Apple expressed concern about the “Zaps” feature not relying on in-app purchases.
Anyway, after the negative response received, Apple contacted Damus developers again to request a solution to keep the app available in the App Store.
The two groups therefore reached one agreement allowing Damus to continue using Zapping transactions, but only on user profiles. The option to send Zaps to individual messages is no longer available as Apple still considers it an option sale of digital content.