A user lost over $1.6 million worth of Bitcoin and other cryptocurrencies to a fake Trezor app on Apple’s App Store
Apple users have lost over $1.6 million worth of Bitcoin and other cryptocurrencies to hackers after falling victim to a sophisticated phishing attack involving a fake version of the popular Trezor wallet on the App Store.
A user lost 17.1 Bitcoin, worth $600,000, to a fake Trezor app on Apple’s App Store
It was the quintessential right thing in their mind: They chose a hardware wallet app, sent it their Bitcoin or typed in their private keys, and embraced the ‘cold’ storage method of storing their assets instead of trusting third-party, unregulated exchanges.
But that’s where things went wrong. The Trezor app they downloaded turned out to be a fake of the original hardware wallet, meaning any Bitcoin sent to such a fake wallet address was pocketed by the cyber thieves themselves, instead of finding a way to safe storage.
One such victim was Phillipe Christodoulou, who downloaded the fake Trezor last month to check his wallet balance as Bitcoin prices shot through the roof. He downloaded the app, typed in his private credentials, and, almost immediately afterward, lost over 17.1 Bitcoin—worth $600,000 at the time and worth a significant chunk of his life savings.
Christodoulou’s not alone. Coinfirm, UK-based crypto investigations, and regulations claim to have received over 7,000 inquiries about stolen crypto assets since October 2019. It adds that such fake apps in Google’s Android Play Store and the App Store are common.
As per the firm, five people have confirmed to have lost cryptocurrency stolen by the fake Trezor on App Store for losses totaling $1.6 million. Three other users, on the other hand, have lost over $600,000 in crypto to fake Trezor apps on Android.
Apple, on its part, has not yet named the developer of the fake Trezor app or provided their contact information to victims. The firm has, furthermore, not revealed if it has provided any information to law enforcement.
Apple products and the App Store are long-regarded for their safety and security features, meaning the presence of scam applications comes as a surprise to many. The firm actively curates its store and passes each app through extensive quality tests before their listing—a move that helps increase customer trust.
It’s why users like Christodoulou are angrier at Apple than the hackers themselves. He says Apple marked the fake Trezor app as a ‘safe and trusted’ one, trusting the firm’s security instead of using his own discretion.
He said in a statement:
“They betrayed the trust that I had in them. Apple doesn’t deserve to get away with this.”
Apple said they take action against such scams:
“In the limited instances when criminals defraud our users, we take swift action against these actors as well as to prevent similar violations in the future.”
We have a manual on using Trezor with Android. Please, check it out and consider this approach as the only official solution: https://t.co/0aGOOi1TNj
— Trezor (@Trezor) January 18, 2021
Apple isn’t the only company whose app store has played host to fake crypto wallet apps. In January this year, Trezor took to Twitter to warn users of a malicious Android app in the Google Play Store that had been downloaded more than 1,000 times.
In both cases, the scammers used a phishing technique to convince hardware wallet users to enter their recovery phrase – enabling them to create a copy of the wallet and send the funds it contained to an address of their choice. Blockchain analytics firm Chainalysis reported that Christodoulou and Fajcz’s funds had been sent to a suspicious account.
- In Mendoza, A Man Was Assaulted By Two Criminals Who Posed As Bitcoin Buyers, Losses More Than $ 5,000
- Local Police In The City Of Cangzhou Arrested 13 People Accused Of Laundering Money Through A Cryptocurrency Trading Platform