The Android mobile operating system tends to attract an outsized share of scrutiny when it comes to the prevalence of scammy, malicious apps that target users because of the open-source nature of the platform. Indeed, recent weeks have seen reports of everything from dangerous Android apps that mimic bank pages and steal login credentials, to an app that pretends to be an Android system update that in actuality is able to let a hacker take complete control over a victim’s phone.
Meanwhile, these same kinds of malicious apps are sometimes able to likewise sneak onto Apple’s iOS app platform, as well. These sketchy iOS apps include examples like a scam bitcoin app that recently cost one iPhone user his life saving’s — more than $600,000 in bitcoin at the time of the theft, per The Washington Post.
iPhone owner Phillipe Christodoulou had searched through Apple’s App Store to try to find a cryptocurrency app from the company Trezor. He found one with the company’s logo and color scheme, so thinking that was the correct app, he downloaded it and proceeded to input his login credentials.
Unfortunately, this was not the app he was looking for. The Post notes that this app was designed to fool bitcoin owners, and, boy, did it in this case — “Apple doesn’t deserve to get away with this,” said Christodoulou, who lost his entire bitcoin balance.
What seems to have occurred here is that the app maker pulled off a bait and switch. When applying for inclusion into Apple’s App Store, this app used Trezor’s branding but described itself as a cryptography app that would store passwords and encrypt files. Once it was allowed to be added to the App Store, the app turned itself into a whole other thing — a cryptocurrency wallet.
Christodoulou said in an interview with the newspaper that this turn of events has completely wrecked his faith in Apple, which he had previously seen as a place that offers apps inside a walled, protected garden that didn’t allow scammy apps inside. “They betrayed the trust I had in them,” he said of the iPhone maker.
Apple gave the Post the following statement by way of defending its actions in this case, which include removing the fake Trezor app: “User trust is at the foundation of why we created the App Store, and we have only deepened that commitment in the years since,” said Apple spokesperson Fred Sainz. “Study after study has shown that the App Store is the most secure app marketplace in the world, and we are constantly at work to maintain that standard and to further strengthen the App Store’s protections. In the limited instances when criminals defraud our users, we take swift action against these actors as well as to prevent similar violations in the future.”