Bitcoin
Bitcoin (BTC)
$101,260.00 0.88496
Bitcoin price
Ethereum
Ethereum (ETH)
$3,934.45 4.02399
Ethereum price
BNB
BNB (BNB)
$715.91 2.83874
BNB price
Solana
Solana (SOL)
$232.89 1.68143
Solana price
XRP
XRP (XRP)
$2.40 0.2948
XRP price
Shiba Inu
Shiba Inu (SHIB)
$0.0000288 0.40122
Shiba Inu price
Pepe
Pepe (PEPE)
$0.0000245 -1.10286
Pepe price
Bonk
Bonk (BONK)
$0.0000397 -0.23229
Bonk price
dogwifhat
dogwifhat (WIF)
$3.09 0.74508
dogwifhat price
Popcat
Popcat (POPCAT)
$1.27 1.08573
Popcat price
Bitcoin
Bitcoin (BTC)
$101,260.00 0.88496
Bitcoin price
Ethereum
Ethereum (ETH)
$3,934.45 4.02399
Ethereum price
BNB
BNB (BNB)
$715.91 2.83874
BNB price
Solana
Solana (SOL)
$232.89 1.68143
Solana price
XRP
XRP (XRP)
$2.40 0.2948
XRP price
Shiba Inu
Shiba Inu (SHIB)
$0.0000288 0.40122
Shiba Inu price
Pepe
Pepe (PEPE)
$0.0000245 -1.10286
Pepe price
Bonk
Bonk (BONK)
$0.0000397 -0.23229
Bonk price
dogwifhat
dogwifhat (WIF)
$3.09 0.74508
dogwifhat price
Popcat
Popcat (POPCAT)
$1.27 1.08573
Popcat price
Bitcoin
Bitcoin (BTC)
$101,260.00 0.88496
Bitcoin price
Ethereum
Ethereum (ETH)
$3,934.45 4.02399
Ethereum price
BNB
BNB (BNB)
$715.91 2.83874
BNB price
Solana
Solana (SOL)
$232.89 1.68143
Solana price
XRP
XRP (XRP)
$2.40 0.2948
XRP price
Shiba Inu
Shiba Inu (SHIB)
$0.0000288 0.40122
Shiba Inu price
Pepe
Pepe (PEPE)
$0.0000245 -1.10286
Pepe price
Bonk
Bonk (BONK)
$0.0000397 -0.23229
Bonk price
dogwifhat
dogwifhat (WIF)
$3.09 0.74508
dogwifhat price
Popcat
Popcat (POPCAT)
$1.27 1.08573
Popcat price
Bitcoin
Bitcoin (BTC)
$101,260.00 0.88496
Bitcoin price
Ethereum
Ethereum (ETH)
$3,934.45 4.02399
Ethereum price
BNB
BNB (BNB)
$715.91 2.83874
BNB price
Solana
Solana (SOL)
$232.89 1.68143
Solana price
XRP
XRP (XRP)
$2.40 0.2948
XRP price
Shiba Inu
Shiba Inu (SHIB)
$0.0000288 0.40122
Shiba Inu price
Pepe
Pepe (PEPE)
$0.0000245 -1.10286
Pepe price
Bonk
Bonk (BONK)
$0.0000397 -0.23229
Bonk price
dogwifhat
dogwifhat (WIF)
$3.09 0.74508
dogwifhat price
Popcat
Popcat (POPCAT)
$1.27 1.08573
Popcat price

Fake Phantom wallet breaches Apple’s app store, draining crypto assets

fake-phantom-wallet-breaches-apples-app-store-draining-crypto-assets
Edited by
News
Fake Phantom wallet breaches Apple’s app store, draining crypto assets

A fake Phantom wallet on Apple’s app store is reportedly draining user funds when a user recovers their account using their private key.

The application closely mimics the original Phantom wallet published by Phantom Technologies Incorporated. When searching for the Phantom wallet, the app shows up as an ad even before the original application.

Fake Phantom wallet breaches Apple’s app store, draining crypto assets - 1
Fake Phantom Wallet appears before the original as an ad | Source: Apple app store

While the original application is categorized as a utility, the fake app is categorized as an educational app published by Meta Voxify. The publisher only has this fake app in its listings.

Interestingly, the description of the bogus app is for an application dubbed Voxify AI, which seems to be a text-to-speech conversion tool. Searching for Voxify Ai on the app store currently directs users to the fake Phantom wallet app.

The app has multiple one-star reviews. In the app review section, several users complained of losing funds when loading their wallets into the fake app.

Fake Phantom wallet breaches Apple’s app store, draining crypto assets - 2
Users report losing funds on the fake app | Source: Apple app store

At the time of publication, the application had been removed from the app store. But it was still live on the platform when searching for “Meta Voxify” or “Voxify ai.”

This isn’t the first instance of malicious applications infiltrating Apple’s store. 

Last year, bad actors deployed a clone of the cryptocurrency wallet Rabby Wallet. Similar to the current incident, the wallet was displayed as the first result when searching for  “Rabby Wallet.”

The original wallet was only available as a standalone desktop application and a Google Chrome extension at the time.

Scammers have increasingly targeted smartphone users over the past few years. A 2023 research from cybersecurity firm Sophos revealed that pig butchering scammers were evading Google and Apple’s app store security measures to deploy malicious applications.

The scammers used an app signed with a valid certificate issued by Apple to get approved. Subsequently, they would connect the app to malicious servers in their control to defraud victims.

Whether or not bad actors used a similar tactic in this case remains unclear.

Amidst this backdrop, Mende Matthias, co-founder of the Dubai blockchain center, reportedly lost over $100,000 worth of funds from his Phantom wallet. He has stressed that his funds were transferred to a different wallet address despite having various security measures in place.

Further, he also denied interacting with any malicious links or websites. He concluded that he may have been targeted because he “openly shared” how much he invested.

Matthias has also confirmed that his funds were not lost via the fraudulent Phantom wallet application. However, he hasn’t disclosed how the attackers exploited his wallet.

The team at Phantom is yet to respond to the issue.