A scammy Bitcoin app designed to look like a harmless app was approved by Apple’s App Store review team and ended up costing one iPhone user around $600,000 in stolen Bitcoin.
The Washington Post reports that iPhone user Phillipe Christodoulou was robbed of 17.1 bitcoin, or upwards of $600,000 at the time of the theft. Christodoulou wanted to check his Bitcoin balance in February. He checked the App Store for an app from “Trezor,” which is the company that makes the hardware device he uses to store his cryptocurrency. He downloaded an app that sported the Trezor padlock logo and green background and entered his credentials.
Unfortunately for Christodoulou, the app was fake and stole his entire Bitcoin balance. Understandably, he is now mad at Apple. “Apple doesn’t deserve to get away with this,” he told The Washington Post.
Although Apple reviews all App Store submissions for scam apps and copycat apps, plenty of fake apps slip by the guards and can be used to scam iPhone users.
Apple says the fake Trezor app got through thanks to a “bait-and-switch” scam. While the app was called Trezor and used the Trezor logo and colors, the developer told Apple the app was a “cryptography” app that would encrypt iPhone files and store passwords.
The developer also told Apple that it was “not involved in any cryptocurrency.” After the app was submitted, it changed itself into a cryptocurrency wallet, which Apple did not detect.
Apple spokesperson Fred Sainz made a comment to The Washington Post:
User trust is at the foundation of why we created the App Store, and we have only deepened that commitment in the years since. Study after study has shown that the App Store is the most secure app marketplace in the world, and we are constantly at work to maintain that standard and to further strengthen the App Store’s protections. In the limited instances when criminals defraud our users, we take swift action against these actors as well as to prevent similar violations in the future.
Apple says that 6,500 apps were removed last year for “hidden or undocumented features.”