Man blames Apple for bitcoin theft by fake app in App Store
Apple has been blamed for enabling a scam app to steal bitcoin worth $600,000 from a man, by listing the fake app that pretended to be by another company in the App Store.

Cryptocurrency owner Phillipe Christodoulou discovered an app he had installed on his iPhone was fake in February, when he went to check his savings. The app, which was supposedly a companion app for cryptocurrency storage device producer Treznor, turned out to not be associated with the firm at all.
The mistake cost the user dearly, with Christodoulou claiming he had lost 17.1 bitcoin, which was valued at $600,000 at the time, reports the Washington Post. The app was fake, and had effectively handed over the cryptocurrency to scammers.
The app was listed in the App Store under the Treznor brand, though the company doesn't produce apps for its hardware wallets. Instead, thieves created the app and hosted it on the App Store in January in a bid to steal funds.
Checking the Treznor wallet showed there were no funds stored on it at all.
According to Christodoulou, the app was listed as having close to five stars on its reviews, which helped him trust the app enough to download it. Since the event, he is no longer happy with the company, which he noted as reviewing apps before they appear in the App Store in the first place.
"They betrayed the trust that I had in them," said Christodoulou. "Apple doesn't deserve to get away with this."
According to Apple, the app made it into the App Store by changing its purpose after getting into the store. The app was presented as a "cryptography" app for review, and that it "is not involved in any cryptocurrency," allowing it to appear in the App Store from January 22.
At a later time, the app changed purpose into a cryptocurrency wallet, a move that Apple doesn't allow. After being informed by Treznor about the fake app, Apple pulled it and banned the developer, but it was swiftly followed up by another Treznor app hitting the App Store.
While Apple did initially ban cryptowallets from the App Store, it allowed them in 2014, while also placing many restrictions on how the apps functioned. There are now many ways to buy cryptocurrencies from an iPhone and other Apple hardware,
"User trust is at the foundation of why we created the App Store, and we have only deepened that commitment in the years since," said Apple spokesman Fred Sainz. "In the limited instances when criminals defraud our users, we take swift action against these actors as well as to prevent similar violations in the future."
Apple said it removed some 6,500 apps from the App Store in 2020 for having "hidden or undocumented features," many of which were scam apps.
Christodoulou isn't the only one to have been affected by the scam, with Coinfirm claiming five people have reported thefts via the iOS app totaling $1.6 million. Fake Treznor apps on Android are also thought to have stolen a total of $600,000.
Scam apps and other bad actors are continuing to be an issue for online storefronts like the App Store. So-called "fleeceware" on iOS and Android that rely on high subscription fees have cost consumers more than $400 million, research from Avast claimed in March, but while they are morally questionable, they're technically legal.
Developers have also complained about scam apps that attempt to copy established apps, including marketing videos, but charge users a subscription while not providing all of the promised features. The complaints include how the apps are manipulating App Store reviews to get high scores, with fake praise cancelling out negative complaints.

Cryptocurrency owner Phillipe Christodoulou discovered an app he had installed on his iPhone was fake in February, when he went to check his savings. The app, which was supposedly a companion app for cryptocurrency storage device producer Treznor, turned out to not be associated with the firm at all.
The mistake cost the user dearly, with Christodoulou claiming he had lost 17.1 bitcoin, which was valued at $600,000 at the time, reports the Washington Post. The app was fake, and had effectively handed over the cryptocurrency to scammers.
The app was listed in the App Store under the Treznor brand, though the company doesn't produce apps for its hardware wallets. Instead, thieves created the app and hosted it on the App Store in January in a bid to steal funds.
Checking the Treznor wallet showed there were no funds stored on it at all.
According to Christodoulou, the app was listed as having close to five stars on its reviews, which helped him trust the app enough to download it. Since the event, he is no longer happy with the company, which he noted as reviewing apps before they appear in the App Store in the first place.
"They betrayed the trust that I had in them," said Christodoulou. "Apple doesn't deserve to get away with this."
According to Apple, the app made it into the App Store by changing its purpose after getting into the store. The app was presented as a "cryptography" app for review, and that it "is not involved in any cryptocurrency," allowing it to appear in the App Store from January 22.
At a later time, the app changed purpose into a cryptocurrency wallet, a move that Apple doesn't allow. After being informed by Treznor about the fake app, Apple pulled it and banned the developer, but it was swiftly followed up by another Treznor app hitting the App Store.
While Apple did initially ban cryptowallets from the App Store, it allowed them in 2014, while also placing many restrictions on how the apps functioned. There are now many ways to buy cryptocurrencies from an iPhone and other Apple hardware,
"User trust is at the foundation of why we created the App Store, and we have only deepened that commitment in the years since," said Apple spokesman Fred Sainz. "In the limited instances when criminals defraud our users, we take swift action against these actors as well as to prevent similar violations in the future."
Apple said it removed some 6,500 apps from the App Store in 2020 for having "hidden or undocumented features," many of which were scam apps.
Christodoulou isn't the only one to have been affected by the scam, with Coinfirm claiming five people have reported thefts via the iOS app totaling $1.6 million. Fake Treznor apps on Android are also thought to have stolen a total of $600,000.
Scam apps and other bad actors are continuing to be an issue for online storefronts like the App Store. So-called "fleeceware" on iOS and Android that rely on high subscription fees have cost consumers more than $400 million, research from Avast claimed in March, but while they are morally questionable, they're technically legal.
Developers have also complained about scam apps that attempt to copy established apps, including marketing videos, but charge users a subscription while not providing all of the promised features. The complaints include how the apps are manipulating App Store reviews to get high scores, with fake praise cancelling out negative complaints.

Comments
Or... That is why you hire a team of lawyers, when you want to blame others, and keep the focus off of your failures or the app makers intentions.
Who cares if this philosophy is morally questionable, as long as it is technically legal.
As long as he doesn’t pay for his mistakes.
Something sounds fishy here. At the very least there’s a hole in Apples processes.
Though I have limited sympathy for anyone who has any involvement with Bitcoin or any crypto nonsense.
Apple's problem is that since they curate apps, they have taken on the responsibility for the apps in the App Store. They would have been protected if they had allowed any app on the App Store since no user would trust them. Instead they have tried to build trust by saying that the App Store is safe because apps are reviewed. Users have no understanding that "safe" only applies to Apple's technology and not their own information.
If Apple wants to fix this problem it should do two things:
1. Identify its developers in some secure way that prevents developers from pretending to be someone they are not. Collect biometrics (voice, facial features, retina scans, etc.) of developers before allowing them to publish anything.
2. Trust developers who have a long track record of releasing safe apps and dealing with customers honestly. Use that trust to grant them additional API access to sensitive features (like being able to request access to a user's personal information).
The gentleman had purchased a hardware wallet from Trezor which he had good success with, and when seeing the "matching app" in the App Store would be forgiven for downloading as it had with a matching logo, name and description, and considering Apple's vetting of each and every app, would have been comfortable with it being from Treznor. Worse the only way Apple becomes aware that the app morphed is for users to report it. By that time damage is done.
I don't know why but I had simply assumed that by a human vetting the apps they could not do the exact same thing we read Android apps sometimes doing. So what's the difference between the two stores?
Apple’s scrutiny of the app and its later releases, its failure to validate the publisher against a known entity, and its failure to stop the company using fake reviews to get close to 5 stars all mean Apple isn’t running the safe and secure App Store it claims to.
if Apple is Whole Food, and they sell a fake product that is poisonous and kill someone. I don’t think Apple can off the hook. People buy things from Whole Food because they believe it is a trustworthy company and trust they offer quality and safe products.