Reports of another fake bitcoin wallet in the App Store are claiming that "Leather Wallet & Hiro Bitcoin" took over $120,000 in a single fraudulent transaction.
Apple claims the EU is weakening App Store security, and executives including Craig Federighi stress that users are at risk if its review process is skipped by alternative app stores. But it appears that yet another scam app has made it through Apple's App Store review process.
Watch out. This scam wallet INSIDE Apple App Store stole 38,000 STX after importing. @muneeb please warn @Stacks community. https://t.co/gX0IC2ofiO
— George Burke (@geoburke) March 11, 2024
Financial app developer George Burke reports that the app, "Leather Wallet & Hiro Bitcoin," has stolen the equivalent of $121,448.22. Burke has provided a link to the transaction details, though it's not clear whether it's he or a client who was allegedly defrauded.
So far there are few other reports and responses to Burke's comment on X/Twitter, but one is from someone claiming that many people have been aware of the scam "for a while." There are also reports that Bitcoin developer Hiro — fraudulently named in the app's title — has contacted Apple.
According to its App Store listing, "Leather Wallet & Hiro Bitcoin" was added in late February. It is developed by a firm called Huynh Gia Hai Service Construction Trading One Member Company Limited.
The firm appears to have no other apps, and no online presence other than a privacy policy. That policy is required by Apple, but in this case the details are held on the third-party TermsFeed site.
Apple has now confirmed to AppleInsider that the app was on the App Store for approximately two weeks, but has now been removed. This is similar to how it reacted when it removed a different fake crypto app.
Updated: 11 March 2024 17:15 with Apple's response.
8 Comments
This is actually good news for Apple as the drive to force other app stores only magnifies these types of breaches.
Most of the security / safety that Apple promotes is psychological. It's branding. It's marketing.
Set aside their notarisation processes (which is a great concept and really works!), the actual human review process is inefficient, prone to $$$ bias and Apple politics and human errors. Of the 30+ games and apps I deployed on iOS/iPadOS involving major media stakeholders, Apple sometimes just forgot to review our apps (staying in a queue for weeks), didn't communicate for days, rejected publication based on nonsensical reasons and misunderstandings, costing stakeholders thousands and thousands of dollars, especially when the app was tied to an important media announcement.
I could design a game that passes Apple review, but after 50 days suddenly changes from a game into a pornographic content video player and Apple would *never* know about it as part of their review process. Yes, my account would be banned as soon as the first complaints roll in, but by then the damage is done.
The truth is that Apple obviously cannot review every SKU on their store, even with a large team.
The primary reason for Apple to be the gate-keeper is not to protect the interests of its consumers, but themselves.
Which is what companies do, not just Apple.
So, I'm looking forward to other parts of the world forcing Apple (and similar competitors) to open up their ecosystem and allow for side-loading and third-party stores. This IS in the best interest of its users.
Apple might not have responded to Apple Insider, but they have removed the app from the store. However, typing “leather wallet” in the search field results in “leather wallet and hiro bitcoin” as a suggestion.