""Once launched, these apps redirect users to browser pages designed to look similar to the App Store and distribute trojanized versions of legitimate wallets," Kaspersky researcher Sergey Puzan said. "The infected apps are specifically engineered to hijack recovery phrases and private keys.""
""The latest crypto-theft scheme is an improvement in several ways. For starters, the apps are directly available for download from Apple's App Store if a user has their Apple account set to China.""
""These apps have icons that mirror the original but have intentional typos in their names (e.g., LeddgerNew) so as to trick unsuspecting users into downloading them.""
Researchers identified 26 malicious apps on the Apple App Store, collectively named FakeWallet, that impersonate popular cryptocurrency wallets. These apps redirect users to fake browser pages resembling the App Store, distributing trojanized wallet versions. They are designed to hijack recovery phrases and private keys. Many apps have been removed by Apple, and the scheme represents an evolution in crypto-theft tactics, as these apps are directly downloadable from the App Store in China. Some apps use misleading names and icons to trick users into downloading them.
Read at The Hacker News
Unable to calculate read time
Collection
[
|
...
]