Apple fighting to stem fake Bitcoin apps on App Store

AppleInsiderAppleInsider
Posted:
in iPhone edited August 2016
Apple is reportedly working to counter an influx of counterfeit Bitcoin wallets on the App Store, which in some cases may be robbing users of coins worth thousands of dollars.




In a little over a week, over 10 such apps made it onto the App Store despite Apple's review process, according to Motherboard. A company spokeperson said that all of the offending apps have been removed.

The software was mimicking legitimate wallet apps such as BitGo, Breadwallet, and Coinbase, apparently using portions of the apps' source code to take on the same look. In the case of a Breadwallet clone, customers are thought to have lost at least $20,000 -- half of that belonging to one victim.

Developers of Bitcoin apps will sometimes make their source code public for the sake of transparency, particularly important given past incidents with the cryptocurrency. This is also believed to be making spoofing easier, however.

It's not clear how the fake apps made it past Apple screening, but Breadwallet co-founder Aaron Voisine suggested that Apple should be verifying the identities of people uploading apps into the App Store's Finance category.

Comments

  • Reply 1 of 8
    techprod1gytechprod1gy Posts: 838member
    Apple needs to transition from quantity to quality on the app front. We have more apps then any of us need. Now we need Apple to really drive quality. Also put more guidelines and grading system for devs. Thoughts?
  • Reply 2 of 8
    cnocbuicnocbui Posts: 3,613member
    Breadwallet co-founder Aaron Voisine suggested that Apple should be verifying the identities of people uploading apps into the App Store's Finance category.

    Couldn't agree more.  Every player that provides an app store for phones, including, Google and Microsoft, should be doing this.

  • Reply 3 of 8
    launfalllaunfall Posts: 50member
    This is an Apple screw-up and they should be held financially liable. If you're going to have a walled garden and vet all the apps, you damn well better keep the bugs out.
    jbdragonsingularity
  • Reply 4 of 8
    sflocalsflocal Posts: 6,093member
    launfall said:
    This is an Apple screw-up and they should be held financially liable. If you're going to have a walled garden and vet all the apps, you damn well better keep the bugs out.
    As opposed to what?  I'll gladly take the 99% effort that Apple does to prevent rogue apps from getting into the App store compared to the botched creation that is the Android Marketplace.  

    No system is 100% foolproof.  If you expect that, then I have a unicorn to sell you.  Out of the hundreds of thousands of apps, 10 got through and you're complaining?  Really. I'm not sure if you're trolling or just that ignorant of the work that it takes to curate an ecosystem of this magnitude.

    Apple will learn from it, and evolve to prevent future ones.  Case closed.

    It sucks that the individual lost bitcoins over this.  It's easy to say that he should have been more careful about what apps to download since most folks implicitly trust that Apple did the work to screen out the miscreants.  I'm curious how this gets resolved.  I'm sure the people responsible had their developer credentials revoked, and maybe Apple is/will work with local authorities to prosecute the developers.  I'll be following this one.
    P-DogNCjony0
  • Reply 5 of 8
    maestro64maestro64 Posts: 5,043member
    launfall said:
    This is an Apple screw-up and they should be held financially liable. If you're going to have a walled garden and vet all the apps, you damn well better keep the bugs out.


    I guess you did not read the article, the app Developers release the source code to their software so others look through their code to make sure it does not have security flaws, the problem was they created the flaw by releasing the source code the bad players copied the code and submitted as the original source code. they also probably mimic the software developer themselves to make it look like the developer was the one actually submitting the update.

    Yeah Apple could have put some sort of two step verification process for app submittals, but developer should not be put their source code out in the wild, the developer is the one who holds most of the liability here.

    Imagine if your bank openly shared their source code for their online banking software, would you feel safe using their app for online backing.

    edited August 2016
  • Reply 6 of 8
    jbdragonjbdragon Posts: 2,311member
    launfall said:
    This is an Apple screw-up and they should be held financially liable. If you're going to have a walled garden and vet all the apps, you damn well better keep the bugs out.
    I'm going to have to agree with this. Especally when it comes to something like Bitcoin and MONEY!!! This isn't some app where you're buying fake coins or stars or whatever, this is Real Money for Virtual Real Money. You're giving out Personal Info to these services and if it's FAKE, you could really end up screwed. Personally, I use the app Circle which works pretty good for my needs. I don't use bitcoins a lot and only in small transactions anyway. It's been working out just fine for my needs.
  • Reply 7 of 8
    OutdoorAppDeveloperOutdoorAppDeveloper Posts: 1,293member
    Apple should be verifying the identity of all their app developers. As a developer, I would not mind at all jumping through a few more hoops to verify my own identity and in turn making the app store a safer place since it helps all users and legitimate developers.
  • Reply 8 of 8
    SpamSandwichSpamSandwich Posts: 33,407member
    Really wish Apple would integrate Bitcoin and Ethereum trading and transfer capability into their own Wallet app.
Sign In or Register to comment.