China's Apple App Store infiltrated by crypto-stealing wallet apps
Summary
Apple's App Store in China has been infiltrated by 26 malicious apps disguised as popular cryptocurrency wallets. These apps aim to steal users' recovery or seed phrases to drain their digital assets.
IFF Assessment
FOE
This is bad news for defenders as it represents a successful attack on a trusted platform to steal user funds.
Defender Context
This incident highlights the ongoing threat of sophisticated social engineering attacks, even on curated app stores. Defenders should be aware of the tactics used, such as impersonation of legitimate services, and educate users on verifying app authenticity and the dangers of sharing sensitive recovery phrases.