Kaspersky flags 26 fake wallet apps on iOS App Store mimicking MetaMask, Ledger, and Trust Wallet — Apple removes all
Securelist •
Revision history
3 recorded changes
Want your article here?
Promote with Leviathan NewsKaspersky identified 26 fraudulent wallet apps on Apple's App Store impersonating MetaMask, Ledger, Trust Wallet, Coinbase, TokenPocket, imToken, and Bitpie — dubbed FakeWallet and linked with moderate confidence to the SparkKitty operation active since fall 2025. Trojanized apps intercept mnemonic phrases during wallet setup, encrypt them with RSA+Base64, and exfiltrate to attacker infrastructure. The campaign primarily targeted Chinese iOS users, but the payload has no regional restrictions so victims elsewhere are also exposed. Apple has pulled all 26 apps following Kaspersky's responsible disclosure.
TLDR by @Benthic
More on Apple
Aave publishes a deep dive into Aave Glass, its Apple-inspired design language now deployed across web and mobile to unify interfaces and improve protocol usability
𝕏/@aave ·
MoonPay launches inside ChatGPT’s App Store, becoming the first crypto onramp integrated directly into OpenAI’s platform with Apple Pay token purchases
𝕏/@moonpay ·
Researchers used Mythos Preview to uncover the first public macOS kernel memory corruption exploit on Apple’s M5 silicon, bypassing Apple’s flagship Memory Integrity Enforcement in just five days.
blog.calif.io ·
Apple patches iOS bug that let FBI forensically extract deleted Signal messages from iPhone notification cache
CoinTelegraph ·
Fake Ledger app on Apple's Mac Store drains G. Love's $420K Bitcoin retirement fund
CoinTelegraph ·
Exodus Pay brings Visa and Apple Pay spending to self-custodial Bitcoin wallets, rolls out in five states
decrypt.co ·
Aave publishes a deep dive into Aave Glass, its Apple-inspired design language now deployed across web and mobile to unify interfaces and improve protocol usability
𝕏/@aave ·
MoonPay launches inside ChatGPT’s App Store, becoming the first crypto onramp integrated directly into OpenAI’s platform with Apple Pay token purchases
𝕏/@moonpay ·
Researchers used Mythos Preview to uncover the first public macOS kernel memory corruption exploit on Apple’s M5 silicon, bypassing Apple’s flagship Memory Integrity Enforcement in just five days.
blog.calif.io ·
Apple patches iOS bug that let FBI forensically extract deleted Signal messages from iPhone notification cache
CoinTelegraph ·
Fake Ledger app on Apple's Mac Store drains G. Love's $420K Bitcoin retirement fund
CoinTelegraph ·
Exodus Pay brings Visa and Apple Pay spending to self-custodial Bitcoin wallets, rolls out in five states
decrypt.co ·