An iPhone user downloaded an app from App Store and got scammed, he lost all of his Bitcoin savings. All iPhones have the same limitation, they can only install applications that have been published in the company’s App Store. Although there are methods to jailbreak the iPhone and bypass this restriction, it is increasingly less common and easy to do so.
Although Apple has been heavily criticized by companies such as Epic Games or Spotify for the apparent ‘monopoly’ it has over its platform, the truth is that the vast majority of users have little reason not to use anything other than the App Store.
Apple has always boasted of its security and control, which allows it to block malicious applications that do appear in Android app stores. However, this security image has suffered a blow with the story of a user who claims to have lost $600,000 because of an Apple-approved app.
An app called Terzor is the culprit
The user wanted to manage his Bitcoin wallet, and he searched the App Store for the name Trezor. He found what he believed to be their official app, as it used both the company’s name and logo.
After downloading it and entering his login credentials, he discovered that the app had withdrawn the 17.1BTC he had in his wallet, which at the time was worth approximately $600,000.
In reality, Trezor has no official app for iOS, and therefore, the user had downloaded a fake app that sought to gain access to users’ virtual wallets in order to empty them completely.
The user has publicly denounced Apple for allowing the existence of this fake app in its App Store, claiming that the company has “betrayed the trust” he placed and asks to be reimbursed for the money he lost.
He was not alone. Analysts estimate that about five people lost a total of $1.6 million just by using the iOS app.
Apple has confirmed the app was fake
After an investigation, Apple has confirmed that the app was fake and kicked it out of the App Store after the real creators of Trezor reported it; although it has not said anything about the victims.
To get to the App Store, the creators of the fake app deceived Apple, studying their methods and making changes to avoid suspicion. The key to the deception was that the original app had no reference to cryptocurrencies; when the creators applied to the App Store, they did so by presenting their app as a way to encrypt files and passwords on the iPhone.
Only when the app was approved and appeared in the App Store, it was changed to a cryptocurrency app with the possibility of associating our virtual wallet. Then it began to attract users.
Although the application for the app contained no references to cryptocurrencies, it did use the Trezor logo and name; Apple did not verify that these developers were actually from the company, nor that this was an official app.
It may seem like overkill to call on Apple to perform such checks, but critics wonder what use is Apple’s complete control over the App Store if it lets these types of apps in.
In fact, this fake app also made it to Android, where it is estimated to have scammed $600,000 from users; but the situation on Android is very different.