Fake Bitcoin app on iOS steals $ 600k from investor


A fake app disguised as a virtual wallet for cryptocurrencies stole a considerable amount of bitcoins from users who fell into the trap – which was quite elaborate and was normally available for download within the App Store.

The case was made public after making another victim: the American Phillipe Christodoulou, who was stolen in 17.1 bitcoins – about US $ 600 thousand or R $ 3.4 million, in direct currency conversion at the time when they have been stolen.

His report to The Washington Post helped to unmask the scheme, but he is now struggling to try to recover at least part of his savings.

In the smallest details

The scam that victimized Christodoulou involves an app disguised as Trezor, a physical device used for cryptocurrency storage that actually exists. When searching for “Trezor” on the App Store, he installed the first search result – which had the same information as the original, the real logo and only positive reviews.

After downloading and entering the access data to check the balance, the boy had the bitcoins stolen. This Trezor was, in fact, a clone of the real app that “escaped” the strict rules and security mechanisms of the iOS virtual store. In all, the fake program stole $ 1.6 million users.

Whose fault is it?

But how did the fake Trezor get into the App Store? According to Apple itself, it was approved at the store because it registered itself as a completely different service: a simple encryption tool to protect documents. Once inside, he edited some basic information to turn a copy of the cryptocurrency wallet and trick customers.

But the registration has already been carried out with the name, logo and colors of the real Trezor – and even then, Apple approved the app. Because he felt his confidence was broken, Christodoulou called the FBI to investigate the scheme and wanted some compensation from the company.

So far, Apple has not commented on how it will act in the case. Trezor said it had been warning the company about coup attempts for years using the service’s name.


Please enter your comment!
Please enter your name here