In a response to an emergent security threat, Apple Inc., the technology behemoth, has removed a fraudulent application posing as Trezor, a reputed cryptocurrency hardware wallet, from its App Store.
Despite this prompt action, investigations reveal that other counterfeit apps are still at large within the digital platform.
Apple’s quick trigger action against fraudulent apps
Rafael Yakobi, the managing partner at Crypto Lawyers, first spotlighted the issue on June 20th. His findings revealed that the primary result of a search for “Trezor” led to a deceptive app specifically designed to rob unsuspecting users of their cryptocurrency.
The counterfeit app, labeled “Trezor Wallet Suite,” would request the user’s seed phrase, effectively granting its operators unrestricted access to the user’s entire crypto holdings.
Yakobi cautioned that this unscrupulous app had remained active for weeks, indicating that the number of victims could easily number in the hundreds or thousands.
Subsequent scrutiny of Apple’s App Store in the United States failed to locate the particular app in question, suggesting that Apple had promptly responded to the situation by eliminating it. Apple’s standard practice is to promptly remove dubious or fraudulent applications as soon as they are alerted.
Nonetheless, a separate search for “Trezor Wallet Suite” unearthed another potential crypto bandit named “MyTREZŌR Suite: One Edition.” This app, still alive on the platform, had received only two reviews, both cautioning users that the app was a scam designed to loot their crypto.
This discovery indicated that Apple’s cleansing operation had yet to be entirely completed.
Apple’s App Store claims that it extensively scrutinizes all apps for security before being listed on the platform. Yet, despite the company’s assurances and stringent app review processes, the presence of such malicious apps casts a shadow over its commitment to protect its users from scams.
Navigating the crypto app labyrinth
Cryptocurrency users seeking mobile applications for their wallets are advised to download them from the official websites of the wallet manufacturers. Although an app for Trezor is available for iOS users, it is essentially a companion app with limited capabilities.
The crux of Apple’s argument for making the App Store the sole platform for app downloads on iOS is their rigorous app review process designed to shield users from scams. However, as evident from the recent emergence of the fraudulent Trezor app, the system seems to have been circumvented.
The predicament for users is compounded by Apple’s traditionally standoffish attitude towards Bitcoin and other cryptocurrency apps for the iPhone and iPad.
While multiple bona fide apps for managing Bitcoin and other cryptocurrencies have faced rejection by Apple, others, like this counterfeit Trezor app, have managed to slip through the cracks of the company’s review process.
The situation is ironic considering Apple’s threat last week to remove the social networking app Damus from its App Store. The app was allegedly removed because it enabled users to tip other individuals using Bitcoin-based microtransactions known as “Zaps.”
Apple’s justification was that tipping individual posts equated to selling digital content, a violation of the company’s guidelines. Consequently, Damus was compelled to strip this feature from its iOS app to ensure its continued availability on Apple’s App Store.