Affiliate Disclosure
If you buy through our links, we may get a commission. Read our ethics policy.

Bitcoin app accused of stealing $120,000 in another App Store failure [u]

The App Store is meant to be safe from scam apps

Last updated

Reports of another fake bitcoin wallet in the App Store are claiming that "Leather Wallet & Hiro Bitcoin" took over $120,000 in a single fraudulent transaction.

Apple claims the EU is weakening App Store security, and executives including Craig Federighi stress that users are at risk if its review process is skipped by alternative app stores. But it appears that yet another scam app has made it through Apple's App Store review process.

Financial app developer George Burke reports that the app, "Leather Wallet & Hiro Bitcoin," has stolen the equivalent of $121,448.22. Burke has provided a link to the transaction details, though it's not clear whether it's he or a client who was allegedly defrauded.

So far there are few other reports and responses to Burke's comment on X/Twitter, but one is from someone claiming that many people have been aware of the scam "for a while." There are also reports that Bitcoin developer Hiro — fraudulently named in the app's title — has contacted Apple.

According to its App Store listing, "Leather Wallet & Hiro Bitcoin" was added in late February. It is developed by a firm called Huynh Gia Hai Service Construction Trading One Member Company Limited.

The firm appears to have no other apps, and no online presence other than a privacy policy. That policy is required by Apple, but in this case the details are held on the third-party TermsFeed site.

Apple has now confirmed to AppleInsider that the app was on the App Store for approximately two weeks, but has now been removed. This is similar how it reacted when it removed a different fake crypto app.

Updated: 11 March 2024 17:15 with Apple's response.



8 Comments

hmurchison 24 Years · 11825 comments

This is actually good news for Apple as the drive to force other app stores only magnifies these types of breaches. 

1 Like · 0 Dislikes
CheeseFreeze 8 Years · 1345 comments

Most of the security / safety that Apple promotes is psychological. It's branding. It's marketing.

Set aside their notarisation processes (which is a great concept and really works!), the actual human review process is inefficient, prone to $$$ bias and Apple politics and human errors. Of the 30+ games and apps I deployed on iOS/iPadOS involving major media stakeholders, Apple sometimes just forgot to review our apps (staying in a queue for weeks), didn't communicate for days, rejected publication based on nonsensical reasons and misunderstandings, costing stakeholders thousands and thousands of dollars, especially when the app was tied to an important media announcement.
 
I could design a game that passes Apple review, but after 50 days suddenly changes from a game into a pornographic content video player and Apple would *never* know about it as part of their review process. Yes, my account would be banned as soon as the first complaints roll in, but by then the damage is done.

The truth is that Apple obviously cannot review every SKU on their store, even with a large team. 
The primary reason for Apple to be the gate-keeper is not to protect the interests of its consumers, but themselves.
Which is what companies do, not just Apple. 

So, I'm looking forward for other parts of the world forcing Apple (and similar competitors) to open up their ecosystem and allow for side-loading and third-party stores. This IS in the best interest of its users.

2 Likes · 0 Dislikes
michelb76 9 Years · 707 comments

This is actually good news for Apple as the drive to force other app stores only magnifies these types of breaches. 

Maybe. Maybe other stores actually check the apps first.

avon b7 21 Years · 8078 comments

This is actually good news for Apple as the drive to force other app stores only magnifies these types of breaches. 

Let's not forget that opening platforms like iDevice systems to app store competition is there to stimulate choice. 

Security and privacy are things that are covered by a lot of laws. They don't fall exclusively under one directive or another. 

It is entirely possible that alternative app stores could provide better protection than Apple. It's possible they might not of course. 

Absolute protection is impossible but there is a lot that can be done to improve things. You would think that something like comparing app names for similar names and raising flags for closer inspection would be perfect for AI but we've seen a few examples over the past months where apps have got through the system while looking very similar to existing, legitimate apps. 

bonobob 14 Years · 396 comments

Apple might not have responded to Apple Insider, but they have removed the app from the store.  However, typing “leather wallet” in the search field results “leather wallet and hiro bitcoin” as a suggestion. 

1 Like · 0 Dislikes