Is it associated with major risks for users to obtain applications outside of the App Store? Apple answers this question in the affirmative: In recent years, the company has repeatedly stated that it ensures the safety of users by meticulously checking software submitted to the store. In this way, Cupertino manages to block malware and developers who have fraudulent intentions. In fact, Apple is only able to keep this promise to a very limited extent, as a new example impressively demonstrates. Fraud app causes loss of $9.5 million
If you want to securely manage cryptocurrencies such as Bitcoin and Ethereum, you are well advised to use a wallet. Ledger offers one of these: The app can be obtained directly from the company’s website; there is no version for the Mac App Store. However, according to CoinDesk, this fact did not seem to be clear to some users: They obtained an app from the store that posed as an official ledger app. Apple waved this through, even though a quick comparison with Ledger’s website would have revealed that the software was only available via the website. Over 50 users fell victim to the scam app: In total, there were losses of $9.5 million between April 7th and 13th of this year.
Doubts about Apple’s security promises
One of those affected describes his experience: He lost 9.5 Bitcoin, which corresponds to almost 600,000 euros – and with it all the savings he had accumulated over ten years. The fraud app used a fairly simple phishing attempt: it asked for the so-called “seed phrase” to be entered. This is a secret sequence of words that serves as an access key for crypto wallets. The money was transferred via the KuCoin cryptocurrency exchange and concealed using the online money laundering service “AudiA6”. Apple has since pulled the ripcord and removed the software from the Mac App Store. However, it is astonishing how such a mistake could have happened to the company – and how long it took before it took action.
