Fake Trezor iPhone App Scams User Out of $600,000 in Bitcoin

Mar 31, 2021 | Decrypt News | 0 comments


A malicious smartphone app on Apple’s App Store, mimicking the name and visual style of Trezor hardware wallets, was used to steal 17.1 Bitcoin (BTC) from an unsuspecting user—worth $600,000 at the time, and over a million dollars today.

Per a report in The Washington Post, Trezor user Phillipe Christodoulou had stored his Bitcoin on a Trezor hardware wallet, and—wanting to check his balance—downloaded an app purporting to be from Trezor on the iOS App Store.

Although Trezor does not currently support Apple’s iOS mobile operating system and does not have a mobile app, the app used the company’s name and branding, and had a user rating of nearly five stars—making it appear trustworthy.

After Christodoulou downloaded the app and entered his credentials, all of his crypto immediately disappeared.

“They betrayed the trust that I had in them. Apple doesn’t deserve to get away with this,” Christodoulou said.

Christodoulou isn’t the only person to fall victim to the scam; Georgia resident James Fajcz also told the outlet that he lost $14,000 worth of Bitcoin and Ethereum to the fake app.

Apps slipping through the cracks

Apple touts its store as “the world’s most trusted marketplace for apps.” Speaking to the Washington Post, a spokesperson for Apple explained that all apps undergo a rigorous review process—but acknowledged that there have been other cryptocurrency scams on the App Store. The app that was used to scam Christodoulou was available on the App Store from at least January 22 to February 3 and was downloaded around 1,000 times.

How To Keep Your Bitcoin Safe And Secure

In this specific instance, the fake Trezor app was initially presented in the “cryptography” category—as a solution for encrypting iPhone files and storing passwords—before it was changed by the developers into a crypto wallet app. Apple told the Washington Post that it had removed 6,500 apps for “hidden and undocumented features” last year, but acknowledged that it relies on users and customers to report fake apps. When Christodoulou checked the written reviews for the fake Trezor app, he read numerous complaints from others who had been scammed in the same way.

Apple isn’t the only company whose app store has played host to fake crypto wallet apps. In January this year, Trezor took to Twitter to warn users of a malicious Android app in the Google Play Store that had been downloaded more than 1,000 times.

“We don’t allow apps that mislead users by impersonating another app, developer or company, and when we discover an app that violates our policies, we take appropriate action,” Google spokesperson Colin Smith told the Washington Post; the company noted that it had recently identified and removed two fake Trezor apps from the Google Play Store, though analytics firm App Figures reportedly identified eight fake apps on the store.

In both cases, the scammers used a phishing technique to convince hardware wallet users to enter their recovery phrase—enabling them to create a copy of the wallet and send the funds it contained to an address of their choice. Blockchain analytics firm Chainalysis reported that Christodoulou and Fajcz’s funds had been sent to “a suspicious account.”

It goes without saying that you should never enter your wallet recovery phrase into an app—however convincing it might look at first glance.

News Source from Decrypt.co

Related Articles

South Korea to Crack Down on Phishing Websites Attacking Crypto Users

South Korea to Crack Down on Phishing Websites Attacking Crypto Users

South Korean authorities are intensifying their monitoring of phishing activity related to cryptocurrencies. The government has identified a record number of websites trying to obtain login details from crypto exchange users. Over 30 sites have been taken down in just...

TSX-traded bitcoin miner Bitfarms scores approval to list on Nasdaq

TSX-traded bitcoin miner Bitfarms scores approval to list on Nasdaq

Bitfarms, a publicly traded bitcoin mining firm, announced on May 7 that it had won approval to list on the Nasdaq Global Market. The timing of the listing is unclear at this time, though the firm said that it was moving "expeditiously" to "confirm Bitfarms’ common...

ETH price breaks above $4,000 to set new record highs

ETH price breaks above $4,000 to set new record highs

The price of Ethereum has jumped above $4,000 for the first time. The price of the second largest cryptocurrency by market capitalization climbed above the $4,000 level around 3:00 UTC on Monday just a week after breaking through the $3,000 level. It is changing hands...

Pin It on Pinterest

Share This