iPhone Users Beware: Kaspersky Flags 26 Fake Crypto Wallet Apps That Could Drain Your Funds

Cybersecurity agency Kaspersky has recognized 26 fraudulent cryptocurrency pockets functions on Apple’s App Store which can be designed to steal customers’ digital property.

The firm’s Threat Research staff discovered that the apps imitate common crypto wallets, reminiscent of MetaMask, Ledger, Trust Wallet, Coinbase, TokenPocket, imToken, and Bitpie, by copying their names and visible branding to look official. Once opened, these functions redirect customers to phishing pages that resemble the App Store interface and immediate them to obtain a second utility, which is definitely a trojanized pockets that may drain cryptocurrency funds.

How The Scam Works

Kaspersky said the marketing campaign has been energetic since no less than fall 2025 and, with “reasonable confidence,” linked it to the menace actors behind SparkKitty, a beforehand recognized iOS malware pressure. Official variations of many of those pockets apps should not out there within the Chinese iOS App Store; a lot of the detected phishing apps have been distributed particularly to customers in China, although the malicious payload itself doesn’t embrace regional restrictions. This primarily signifies that customers outdoors China may be affected. Kaspersky confirmed it has reported all recognized apps to Apple.

According to the findings, the fraudulent apps embrace primary, unrelated options reminiscent of video games, calculators, or process managers to create an look of legitimacy and move preliminary scrutiny. After set up, they information customers by way of a course of that opens a faux App Store webpage and encourages them to obtain what seems to be the meant pockets utility.

This set up course of works equally to SparkKitty, utilizing Apple’s enterprise developer instruments for company app distribution. Users are prompted to put in a developer profile on their gadget, which permits them to put in apps from outdoors the App Store. Attackers depend on customers overlooking this step, enabling the set up of malicious software program.

Once put in, the trojanized pockets functions are designed to imitate the conduct of the particular pockets they impersonate. They goal each cold and hot wallets.

Kaspersky’s cell malware professional, (*26*) Puzan, acknowledged that whereas the apps themselves might not include dangerous code, they function entry factors in a broader assault chain that finally results in malware set up. The researcher additional warned,

“By paying a charge and organising a developer account, the attackers can goal any iOS gadget if the consumer succumbs to the phishing tactic. Users ought to be cautious of the dangers associated to managing their crypto wallets even on units that they think about protected, reminiscent of iPhones. We anticipate there could also be extra trojanized crypto apps distributed with an identical tactic.”

Counterfeit Ledger Device

The newest report comes days after a counterfeit Ledger Nano S Plus gadget bought by way of a web-based market was exposed as a part of a classy phishing operation designed to steal crypto pockets credentials by a Brazilian cybersecurity researcher. The gadget, which was marketed and priced like an official product, initially appeared real however failed verification when related to Ledger Live.

Upon opening the gadget, the researcher discovered inner elements that didn’t match official {hardware}, together with a chip with its markings eliminated and extra WiFi and Bluetooth antennas not current in genuine Ledger wallets. Further examination of the firmware revealed that each PIN codes and seed phrases have been saved in plaintext, together with references to exterior servers, indicating that the gadget was designed to seize and transmit delicate knowledge.

The researcher acknowledged that this assault doesn’t contain any flaw in Ledger’s safety, however as a substitute makes use of faux units, dangerous apps, and phishing tips to focus on customers.

The publish iPhone Users Beware: Kaspersky Flags 26 Fake Crypto Wallet Apps That Could Drain Your Funds appeared first on CryptoPotato.