Summary

Researchers have identified 26 fake cryptocurrency wallet apps on the Apple App Store designed to steal users' recovery phrases and private keys. These apps have been active since at least fall 2025, posing a significant threat to cryptocurrency users.

Key Points

• 26 malicious apps were discovered on the Apple App Store.
• These apps impersonate popular cryptocurrency wallets.
• The apps redirect users to fake browser pages resembling the App Store.
• The goal is to distribute trojanized versions of legitimate wallets.
• The threat has been active since at least fall 2025.
• Kaspersky researchers were involved in the discovery.

Analysis

The discovery of these fake wallet apps highlights a critical vulnerability in app store security, particularly affecting cryptocurrency users. By impersonating legitimate wallet applications, these apps can deceive users into divulging sensitive information, leading to potential financial losses. The use of trojanized apps further complicates the threat landscape, emphasizing the need for enhanced scrutiny and security measures in app distribution platforms.

Conclusion

IT professionals should advise users to verify the authenticity of wallet apps before downloading and educate them on recognizing phishing attempts. Regular audits and stricter app vetting processes on platforms like the Apple App Store are recommended to prevent similar threats.