A US crypto lawyer, Rafael Yakobi, has issued a warning to crypto users about a malicious app that steals funds by tricking users into providing their keyphrase. The app, named Trezor Wallet Suite, has been available on the Apple Store for several weeks and may have already stolen funds from thousands of unsuspecting individuals.
Rafael Yakobi, managing partner at The Crypto Lawyers, emphasized the importance of practicing extreme due diligence when it comes to using crypto safely. He urged anyone using a Trezor device to be cautious and aware of the potential risks associated with this fake app.
Trezor is a well-known manufacturer of hardware crypto wallets that offer users the ability to store their crypto assets offline, providing enhanced security and protection against attacks. The legitimate iOS companion app developed by Trezor is called “Trezor Suite Lite.” It allows users to exchange crypto assets, track their portfolios, and engage in asset trading.
To safeguard their wallet app login details, users are advised by wallet vendors to store their seed phrases offline. The seed phrase acts as a last line of defense and should only be used to recover funds from the wallet app that generated it. Trezor offers users the Shamir backup feature, enabling them to generate multiple seed phrases and store them in different physical locations.
Upon downloading the malicious app, users are prompted to select the number of seed phrases required to unlock their funds. For instance, they can generate three seed phrases but only need two to access their funds. Users who fell victim to the Trojan Horse app on the Apple App Store likely created a single seed phrase, leaving their funds vulnerable. Generating multiple seed phrases would have provided added security, ensuring that even if one phrase was compromised, the scam app wouldn’t be able to access the user’s funds.
The presence of the fake app as the second search result on the UK app store is concerning, highlighting loopholes in Apple’s listing process. While Apple has guidelines and strict requirements for developers, it seems that the fake app slipped through the cracks. The crypto industry’s ambiguous regulatory landscape has prompted Apple to impose additional rules for Web3 firms. Exchanges can offer custodial wallet apps in regions with appropriate licenses, while self-custodial apps are subject to more general rules.
It is important to note that none of these listing requirements can replace the need for thorough due diligence. Users should exercise caution, research apps and developers, and only rely on reputable sources when interacting with their crypto assets.
Trezor, one of the leading hardware wallet manufacturers, takes its name from the Czech word for “vault.” This clever choice reflects the company’s commitment to providing secure storage solutions for cryptocurrencies. Trezor wallets have gained popularity among crypto enthusiasts worldwide due to their emphasis on enhancing the safety and protection of digital assets.
Disclaimer: This article was created for informational purposes only and should not be taken as investment advice. An asset’s past performance does not predict its future returns. Before making an investment, please conduct your own research, as digital assets like cryptocurrencies are highly risky and volatile financial instruments. This is a news article only.
