- The first result in a “Trezor” search was a malicious app created to steal cryptocurrency
- Trezor Wallet Suite asks for seed phrases and lets operators steal cryptoassets
Apple has taken an apparently malicious app masquerading as Trezor, the crypto hardware wallet, off its store, but it seems like there are still a number of copycat ones on the market, Cointelegraph reported.
App was created to steal crypto
Rafael Yakobi, Managing Partner at Crypto Lawyers, posted a security alert about Apple’s App Store on June 20. He reported that the first result in a “Trezor” search was a malicious app created to steal cryptocurrency.
Hundreds of thousands of victims?
He warned Apple customers that the fake app, called Trezor Wallet Suite, would ask for their seed phrases and let operators steal all of their assets. He added the app had been up for a long time and there could easily be “hundreds or thousands” of victims.
A Trezor search yielded nothing, but a related search for “Trezor Wallet Suite” returned “MyTREZOR Suite: One Edition”, another potentially malicious app. Both of its only two reviews warned the app was a scam and would steal crypto.
Download wallet apps from official sites
Apple assures that it vets and clears all apps on its official App Store for security purposes, but adds that downloading crypto wallet mobile apps from the manufacturers’ official websites is safest. The app on iOS available for Trezor users is only a companion app with limited features.
According to 9 to 5 MAC, an Apple news outlet, Apple isn’t very supportive of crypto apps, which should only be approved under specific circumstances. The outlet pointed out:
While Apple says that the App Store “is a place you can trust” and fights against sideloading, what happens in real life is that even Apple can’t keep the App Store free of scams.
Malicious crypto wallet apps on the App Store are not a novelty. A user lost Bitcoin worth $600,000 after downloading a nefarious Trezor app from the App Store in 2021.
