APPLE REMOVES MALICIOUS TREZOR APP FROM APP STORE

Last updated: June 19, 2025, 19:31 | Written by: Chris Larsen

The world of cryptocurrency is exciting and innovative, but it's also fraught with risks.Just when you thought you were securing your digital assets with a hardware wallet, a nasty surprise might be lurking in the very place you trust: your app store. Altszn.com provides the latest news, resources and insights on Bitcoin, Ethereum, Solana, DeFi, Web3, NFTs and other cryptocurrency markets.Recently, Apple took swift action by removing a malicious app posing as the legitimate Trezor Wallet Suite from its App Store.This fake app, designed to steal cryptocurrency by prompting users for their sensitive seed phrases, highlights the ever-present danger of scams in the crypto space.The incident serves as a stark reminder of the need for heightened vigilance when downloading and using cryptocurrency-related applications.While Apple’s prompt response is commendable, the fact that such an app made it through the review process in the first place raises serious questions about app store security and the potential vulnerabilities faced by crypto investors.Even after the takedown, reports indicate that copycat apps are still present, underscoring the persistent threat.This article delves into the details of this incident, explores the implications for crypto users, and provides practical tips on how to safeguard your digital assets.

The Malicious Trezor App Incident

The saga began when Rafael Yakobi, Managing Partner at Crypto Lawyers, issued a public warning on June 20th, alerting the crypto community to the presence of a malicious Trezor app on Apple's App Store. An apparent malicious app purporting to be crypto hardware wallet Trezor has been taken off Apples App Store, though a quick search has revealed that other copycat apps are still lurking. On June 20, Managing Partner at Crypto Lawyers, Rafael Yakobi, posted a security alert regarding Apples App Store.This fraudulent application, named ""Trezor Wallet Suite,"" was specifically crafted to deceive users into divulging their seed phrases. Apple s prompt response to the discovery of the fake Trezor app demonstrates its commitment to maintaining the integrity of its platform and ensuring the safety of its users. By swiftly removing the malicious app, they have prevented potential crypto theft and reinforced the importance of app store security.For those unfamiliar, a seed phrase is a set of words that acts as the master key to your cryptocurrency wallet.If someone gains access to your seed phrase, they essentially have complete control over your funds.

The app's primary tactic involved tricking users into entering their seed phrase, under the guise of setting up or restoring their Trezor hardware wallet.Once the seed phrase was entered, the scammers could then drain the user's wallet of all its cryptocurrency.The speed and efficiency with which these scams operate can leave victims with little to no recourse.

Upon being notified of the issue, Apple acted quickly to remove the malicious app from the App Store.This rapid response demonstrates Apple's commitment to maintaining a secure platform and protecting its users from fraudulent activities.However, the incident also exposed a significant weakness in the app review process, as the fake Trezor app managed to bypass security measures and reach unsuspecting users.

The Lingering Threat of Copycat Apps

While Apple's swift removal of the initial malicious app is a positive step, the danger is far from over. Rafael Yakobi, managing partner of Crypto Lawyers, issued a warning about the safety of the Apple App Store on June 20. According to Yakobi, a search for Trezor returns a malicious program designed to steal crypto as the top result. When notified of malicious or fraudulent software, Apple is often swift to remove it from its app storeReports have surfaced indicating that other copycat apps, mimicking the Trezor interface or using similar names, are still lurking in the App Store. An apparent malicious app purporting to be crypto hardware wallet Trezor has been taken off Apple s App Store, though a quick search has revealed that other copycat apps are still lurking.On June 20, Managing Partner at Crypto Lawyers, Rafael Yakobi, posted a security alert regarding Apple s App StThese apps, while perhaps not as overtly malicious as the original fake ""Trezor Wallet Suite,"" could still pose a significant risk to users.

For example, an app called ""MyTREZŌR Suite: One Edition"" was identified as a potential copycat.While it may not be actively stealing seed phrases, its presence can create confusion and increase the likelihood of users inadvertently downloading a harmful application.The subtle differences in name and branding can easily trick less experienced crypto users, making them vulnerable to scams and phishing attacks.

How to Identify and Avoid Copycat Crypto Apps

Navigating the app store landscape can be tricky, especially with the constant emergence of new and potentially harmful apps.Here are some practical tips to help you identify and avoid copycat crypto apps:

Verify the Developer: Always check the developer's name and reputation. What Happened: A malicious version of the wallet app has reportedly made it to the Apple App Store under the fake name Trezor Wallet Suite. Benzinga confirmed that the malicious Trezor app hasLegitimate crypto companies will have a well-established online presence and verifiable contact information. Apple has removed a fake Trezor wallet app after a researcher revealed its presence in the App Store but others Apple removes malicious Trezor app from App Store - XBT.Market Market Cap: $3,545,735,553,913.64Be wary of developers with generic names or little to no online history.
Read Reviews Carefully: Don't just look at the star rating; read the actual reviews.Pay attention to comments about suspicious behavior, unusual permissions requests, or any reports of security issues.
Cross-Reference with Official Sources: Before downloading any crypto app, visit the official website of the hardware wallet or exchange. A malicious Trezor app has appeared on the Apple App Store under the fake name Trezor Wallet Suite.Look for official links to their app store listings. Apple s App Store has removed a malicious app that was pretending to be the crypto hardware wallet Trezor. However, there are still other fake apps on the store. Rafael Yakobi, Managing Partner at Crypto Lawyers, posted a security alert on June 20th, warning that the first search result for Trezor on the App Store was a malicious appIf you can't find a link on the official website, be extremely cautious.
Pay Attention to Permissions: Be mindful of the permissions requested by the app. An apparent malicious app purporting to be crypto hardware wallet Trezor has been taken off Apple s App Store, though a quick search has revealed that other copycat apps are still lurking. OnDoes a crypto wallet app really need access to your contacts or location? An apparent malicious app purporting to be crypto hardware wallet Trezor has been taken off Apple s App Store, though a quick search has revealed that other copycat apps are still lurking. On June 20, Managing Partner at Crypto Lawyers, Rafael Yakobi, posted a security alert regarding Apple s App Store. Yakobi reported that the first resultQuestion any requests that seem excessive or unrelated to the app's core functionality.
Use Two-Factor Authentication (2FA): Enable 2FA on all your crypto accounts.This adds an extra layer of security, making it more difficult for hackers to access your funds, even if they obtain your password.
Be Wary of Impersonation: Scammers often try to impersonate legitimate companies or support staff. tldr; Apple has removed a malicious app called Trezor Wallet Suite from its App Store after it was found to be stealing cryptocurrency. The app was designed to request users' seed phrases, allowing its operators to steal all of their crypto. However, other copycat apps, such as MyTREZŌR Suite: One Edition, are still available on the App Store.Be extremely cautious of unsolicited emails, messages, or phone calls asking for your seed phrase or private keys.
Double-Check the URL: Always verify the URL of any website or app you're using, especially when dealing with sensitive information like your seed phrase.Look for typos or subtle variations in the domain name.
Keep Your Software Updated: Regularly update your operating system and apps to patch security vulnerabilities.Software updates often include critical security fixes that can protect you from malware and other threats.

The Importance of App Store Security

The Apple removes malicious Trezor app incident underscores the critical role that app store security plays in protecting users, especially those involved in the cryptocurrency space. The removal came after Rafael Yakobi, Managing Partner at Crypto Lawyers, alerted users to the presence of a malicious app disguised as the popular crypto hardware wallet, Trezor. Yakobi warned that the app, named Trezor Wallet Suite, was designed to steal cryptocurrency by requesting users seed phrases. Although the total number ofApp stores are often the first point of contact for users looking to manage their digital assets, making them a prime target for scammers and malicious actors.A robust app review process is essential to prevent fraudulent and harmful applications from reaching users.

Apple, Google, and other app store providers have a responsibility to implement stringent security measures, including thorough code reviews, automated malware detection, and ongoing monitoring of app behavior.They also need to be responsive to reports of suspicious activity and act quickly to remove malicious apps from their platforms.

What More Can App Stores Do?

While Apple's swift response in this case is commendable, the incident highlights the need for continuous improvement in app store security.Here are some potential measures that app stores could implement to enhance user protection:

Enhanced App Review Process: Implement a more rigorous and comprehensive app review process, specifically tailored to cryptocurrency-related applications.This could involve specialized security audits and stricter verification of developer credentials.
Real-Time Monitoring: Implement real-time monitoring of app behavior to detect suspicious activity, such as unauthorized access to user data or attempts to phish for seed phrases.
User Reporting Mechanisms: Make it easier for users to report suspicious apps and provide clear guidelines on what constitutes a fraudulent or malicious application.
Collaboration with Crypto Industry: Collaborate with cryptocurrency companies and security experts to stay ahead of emerging threats and develop best practices for app security.
Educational Resources: Provide educational resources to help users identify and avoid scams and phishing attacks.This could include articles, videos, and interactive tutorials on app store security.
Delayed Release for Crypto Apps: Consider a delayed release period for new cryptocurrency-related apps, allowing more time for security experts and the community to review and identify potential vulnerabilities.
Stronger Developer Verification: Implement stronger verification procedures for developers, requiring them to provide proof of identity and business registration before being allowed to publish crypto apps.

Understanding the Risks of Cryptocurrency Wallets

Cryptocurrency wallets, whether they are hardware wallets like Trezor or software wallets on your computer or phone, are essential tools for managing your digital assets.However, they also come with inherent risks.Understanding these risks is crucial for protecting your funds from theft and loss.

One of the biggest risks is the loss of your seed phrase.As mentioned earlier, the seed phrase is the master key to your wallet.If you lose it, you lose access to your funds.It's crucial to store your seed phrase securely, preferably offline and in multiple locations.Never store it on your computer or phone, and never share it with anyone.

Different Types of Wallets and Their Security Implications

There are several types of cryptocurrency wallets, each with its own security implications:

Hardware Wallets: Hardware wallets, like Trezor and Ledger, are considered the most secure option for storing cryptocurrency.They store your private keys offline, making them resistant to hacking and malware.However, they are not immune to phishing attacks and social engineering scams.
Software Wallets: Software wallets are applications that run on your computer or phone.They are more convenient than hardware wallets, but they are also more vulnerable to hacking and malware.It's important to use a reputable software wallet and keep your software up to date.
Exchange Wallets: Exchange wallets are wallets provided by cryptocurrency exchanges.They are the least secure option for storing cryptocurrency, as you don't control your private keys.It's best to only use exchange wallets for short-term trading purposes.
Paper Wallets: Paper wallets are a type of cold storage where your private and public keys are printed on a piece of paper.While secure against online threats, they are susceptible to physical damage or theft.

Practical Steps to Secure Your Crypto Assets

Protecting your cryptocurrency assets requires a multi-layered approach.Here are some practical steps you can take to enhance your security:

Use a Hardware Wallet: If you hold a significant amount of cryptocurrency, invest in a hardware wallet.This is the most secure way to store your private keys.
Store Your Seed Phrase Securely: Store your seed phrase offline, in multiple secure locations.Consider using a metal seed phrase backup to protect it from fire and water damage.
Use Strong Passwords: Use strong, unique passwords for all your crypto accounts.Use a password manager to generate and store your passwords securely.
Enable Two-Factor Authentication (2FA): Enable 2FA on all your crypto accounts.Use a hardware security key (like YubiKey) for the strongest level of security.
Be Wary of Phishing Attacks: Be extremely cautious of unsolicited emails, messages, or phone calls asking for your seed phrase or private keys.Never click on suspicious links or download attachments from unknown sources.
Keep Your Software Updated: Regularly update your operating system and apps to patch security vulnerabilities.
Use a VPN: Use a Virtual Private Network (VPN) when accessing your crypto accounts, especially on public Wi-Fi networks.A VPN encrypts your internet traffic and protects your data from eavesdropping.
Diversify Your Holdings: Don't put all your eggs in one basket.Diversify your crypto holdings across multiple wallets and exchanges.
Stay Informed: Stay up-to-date on the latest security threats and best practices for protecting your cryptocurrency.Follow reputable security experts and crypto news sources.

What To Do If You Suspect You've Downloaded a Malicious App

Discovering you've downloaded a potentially malicious app can be alarming.Immediate action is crucial to minimize potential damage.Here's a step-by-step guide:

Disconnect from the Internet: Immediately disconnect your device from the internet to prevent the app from sending any further data to its operators.
Uninstall the App: Uninstall the suspected malicious app from your device.
Run a Malware Scan: Run a full malware scan on your device using a reputable antivirus program.
Change Your Passwords: Change the passwords for all your cryptocurrency accounts and any other sensitive accounts that may have been compromised.
Move Your Funds: If you entered your seed phrase into the malicious app, immediately move your cryptocurrency to a new, secure wallet with a different seed phrase.
Report the App: Report the malicious app to the app store provider (e.g., Apple, Google) and to relevant security agencies.
Monitor Your Accounts: Monitor your cryptocurrency accounts and bank accounts for any unauthorized activity.
Contact Support: Contact the support team of your hardware wallet or exchange for assistance.

The Future of Crypto Security on Mobile Platforms

The incident involving the fake Trezor app on Apple's App Store is a wake-up call for the entire cryptocurrency industry.It highlights the need for greater collaboration between app store providers, crypto companies, and security experts to improve the security of mobile platforms.As cryptocurrency becomes more mainstream, it's crucial to ensure that users have access to secure and trustworthy applications for managing their digital assets.

Moving forward, we can expect to see more stringent app review processes, enhanced security measures, and greater emphasis on user education.App store providers will likely implement more sophisticated malware detection techniques and work more closely with the crypto industry to identify and address emerging threats.Users, in turn, will need to become more vigilant about the apps they download and the permissions they grant.A combination of proactive security measures and informed user behavior is essential for creating a safe and secure environment for cryptocurrency users on mobile platforms.

Conclusion: Staying Safe in the Crypto App Ecosystem

The Apple removes malicious Trezor app story serves as a critical reminder of the risks lurking within app stores, even on seemingly secure platforms like iOS.While Apple’s swift action to remove the app is encouraging, the existence of copycat apps highlights the ongoing need for vigilance.Always double-check the developer, read reviews carefully, and cross-reference with official sources before downloading any cryptocurrency-related application.Securing your crypto assets requires a multi-faceted approach, including using hardware wallets, storing seed phrases offline, enabling two-factor authentication, and staying informed about the latest security threats.By taking these precautions, you can significantly reduce your risk of becoming a victim of crypto scams and protect your hard-earned digital assets.Remember, in the world of cryptocurrency, knowledge and caution are your best defenses.