Affiliate Disclosure
If you buy through our links, we may get a commission. Read our ethics policy.

Apple fighting to stem fake Bitcoin apps on App Store

Last updated

Apple is reportedly working to counter an influx of counterfeit Bitcoin wallets on the App Store, which in some cases may be robbing users of coins worth thousands of dollars.

In a little over a week, over 10 such apps made it onto the App Store despite Apple's review process, according to Motherboard. A company spokeperson said that all of the offending apps have been removed.

The software was mimicking legitimate wallet apps such as BitGo, Breadwallet, and Coinbase, apparently using portions of the apps' source code to take on the same look. In the case of a Breadwallet clone, customers are thought to have lost at least $20,000 — half of that belonging to one victim.

Developers of Bitcoin apps will sometimes make their source code public for the sake of transparency, particularly important given past incidents with the cryptocurrency. This is also believed to be making spoofing easier, however.

It's not clear how the fake apps made it past Apple screening, but Breadwallet co-founder Aaron Voisine suggested that Apple should be verifying the identities of people uploading apps into the App Store's Finance category.



8 Comments

techprod1gy 11 Years · 838 comments

Apple needs to transition from quantity to quality on the app front. We have more apps then any of us need. Now we need Apple to really drive quality. Also put more guidelines and grading system for devs. Thoughts?

cnocbui 17 Years · 3612 comments

Breadwallet co-founder Aaron Voisine suggested that Apple should be verifying the identities of people uploading apps into the App Store's Finance category.

Couldn't agree more.  Every player that provides an app store for phones, including, Google and Microsoft, should be doing this.

launfall 14 Years · 50 comments

This is an Apple screw-up and they should be held financially liable. If you're going to have a walled garden and vet all the apps, you damn well better keep the bugs out.

sflocal 16 Years · 6138 comments

launfall said:
This is an Apple screw-up and they should be held financially liable. If you're going to have a walled garden and vet all the apps, you damn well better keep the bugs out.

As opposed to what?  I'll gladly take the 99% effort that Apple does to prevent rogue apps from getting into the App store compared to the botched creation that is the Android Marketplace.  


No system is 100% foolproof.  If you expect that, then I have a unicorn to sell you.  Out of the hundreds of thousands of apps, 10 got through and you're complaining?  Really. I'm not sure if you're trolling or just that ignorant of the work that it takes to curate an ecosystem of this magnitude.

Apple will learn from it, and evolve to prevent future ones.  Case closed.

It sucks that the individual lost bitcoins over this.  It's easy to say that he should have been more careful about what apps to download since most folks implicitly trust that Apple did the work to screen out the miscreants.  I'm curious how this gets resolved.  I'm sure the people responsible had their developer credentials revoked, and maybe Apple is/will work with local authorities to prosecute the developers.  I'll be following this one.

maestro64 19 Years · 5029 comments

launfall said:
This is an Apple screw-up and they should be held financially liable. If you're going to have a walled garden and vet all the apps, you damn well better keep the bugs out.


I guess you did not read the article, the app Developers release the source code to their software so others look through their code to make sure it does not have security flaws, the problem was they created the flaw by releasing the source code the bad players copied the code and submitted as the original source code. they also probably mimic the software developer themselves to make it look like the developer was the one actually submitting the update.

Yeah Apple could have put some sort of two step verification process for app submittals, but developer should not be put their source code out in the wild, the developer is the one who holds most of the liability here.

Imagine if your bank openly shared their source code for their online banking software, would you feel safe using their app for online backing.