The founder of crypto hub Portal and creator of the first Bitcoin debit card says a scam crypto wallet app inside Apple's App Store was recently used to steal more than $120,000 worth of STX.
Posting on X early Monday, George Burke stated "Watch out. This scam wallet INSIDE Apple App Store stole 38,000 STX after importing." Burke tagged Muneeb Ali, co-founder of Stacks, asking him to warn other traders in the community. Burke has even provided a link to the transaction where he says the theft took place earlier today.
One commenter noted "We’ve all been posting this for a while and @hirosystems have reached out to @AppStore," possibly indicating this app has been at large and known about, at least in the crypto community, before today. The Software Version History of the app's listing indicates it first entered the App Store around two weeks ago on February 26.
Watch out. This scam wallet INSIDE Apple App Store stole 38,000 STX after importing. @muneeb please warn @Stacks community. https://t.co/gX0IC2ofiOMarch 11, 2024
At first glance, the app Leather Wallet & Hiro Bitcoin (which we are not linking to for obvious reasons), purports to be a 'Bitcoin Wallet' app that lets you "Manage your finances effortlessly." The description says it's "the ultimate companion for securely storing and managing your digital assets," and the boasts a hefty 4.9 out of five rating from 215 reviews on the App Store.
However, it seems these reviews might not be real. The 10 most recent reviews were all posted on the same day by a series of almost certainly fake accounts with suspicious names. Many of the most recent reviews also feature suspiciously similar or even identical wording such as "I've been using Leather Wallet for a few months now, and I couldn't be happier with my experience."
The app has a large number of five-star ratings and a very small number of one-star ratings, with none in between. It is possible these one-star ratings could be users trying to warn potential customers of a scam, but due to the design of Apple's App Store listings, it's not possible to read them. This also makes it impossible to determine the nature of the remaining five-star reviews, however, given this seems to be a known scam app it's likely they're also of the same nature as the ones we can see.
As noted, the sum stolen is a not-insignificant $123,598.10. Burke did not confirm whether or not he personally was the victim of the scam, but did ask for "any help" in recovering the stolen money. iMore has reached out to Burke to confirm.
The aforementioned commenter further noted "Hopefully they [Apple] will pay attention and we should all remember if they do not the headline should read “Apple Store allows its users to be scammed, even though it was warned about fake app.” The company was not immediately available for comment.
This wouldn't be the first time the App Store's quality control methods have left slip scam or spam apps, with fake reviews previously highlighted as a big issue. Studies conducted last year found that 15% of the top 100 games in Apple's App Store had suspicious reviews, rising to 17% in the App Store's Fitness section. The rise in cryptocurrency's popularity has seen the sector become a target for scammers on Apple's platforms. In 2022 one investor lost $650,000 in crypto and NFTs through an iCloud scam. Another customer blamed a $600,000 Bitcoin scam on Apple in 2021.
The question of quality control on Apple's App Store remains pertinent as the company moves to comply with the new EU Digital Markets Act, opening up its iPhone to alternative app marketplaces. Previously, Apple has warned that third-party app stores will open up users to scams and lower-quality apps, however, dissenting voices argue the existence of such apps on Apple's own App Store undermines this.