Crypto wallet scams on App Store
- Security researchers found 26 malicious apps on Apple's China App Store impersonating popular crypto wallets to steal recovery phrases. (bleepingcomputer.com)
- The apps impersonated MetaMask, Coinbase, Trust Wallet, and OneKey to capture seed phrases and drain users' assets. (bleepingcomputer.com)
- The incident underscores ongoing App Store enforcement gaps even as Apple accelerates AI-era review checks and policy changes.
Security researchers found 26 fake crypto wallet apps on Apple’s China App Store that were built to steal users’ recovery phrases and empty their accounts. (bleepingcomputer.com) The apps copied the names and branding of MetaMask, Coinbase, Trust Wallet and OneKey, then prompted users to import an existing wallet by typing in a seed phrase — the secret word list that controls a crypto account. (bleepingcomputer.com) Once a user enters that phrase, the attacker can recreate the wallet on another device and transfer out the assets; BleepingComputer reported the campaign was active in Apple’s China storefront as of April 20, 2026. (bleepingcomputer.com)

Apple says every app is reviewed before it reaches the App Store and that it scans submissions for malware and other software that could affect user safety, security and privacy. (developer.apple.com) Apple’s review rules also say developers cannot use another company’s icon, brand or product name in an app name or icon without approval, a rule aimed at blocking impersonation before an app is approved. (developer.apple.com) The fake-wallet campaign lands after Apple updated its App Review Guidelines again on February 6, 2026, the latest in a series of policy revisions over the past year. (developer.apple.com 1) (developer.apple.com 2)

This is not the first time crypto-stealing software has slipped into Apple’s store. In February 2025, BleepingComputer reported iPhone and Android apps using a malicious software development kit that stole wallet recovery phrases with optical character recognition. (bleepingcomputer.com)

For users, the practical rule is simple: a seed phrase is the master key to a wallet, and any app that asks for it can take the funds if the app is fraudulent. Apple’s review system is supposed to catch that before download, but this case shows look-alike wallet apps still made it through. (bleepingcomputer.com) (developer.apple.com)