{"id":99853,"date":"2024-02-22T13:09:04","date_gmt":"2024-02-22T21:09:04","guid":{"rendered":"https:\/\/www.intego.com\/mac-security-blog\/?p=99853"},"modified":"2024-02-22T13:09:04","modified_gmt":"2024-02-22T21:09:04","slug":"apple-distributed-fake-crypto-finance-apps-in-app-store-leading-to-100k-losses","status":"publish","type":"post","link":"https:\/\/www.intego.com\/mac-security-blog\/apple-distributed-fake-crypto-finance-apps-in-app-store-leading-to-100k-losses\/","title":{"rendered":"Apple distributed fake crypto finance apps in App Store, leading to $100K losses"},"content":{"rendered":"<p><img loading=\"lazy\" class=\"alignnone size-full wp-image-99857\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2024\/02\/Fake-Curve-Finance-and-Rabby-Wallet-apps-App-Store-icons-600x300-1.jpg\" alt=\"\" width=\"600\" height=\"300\" \/><\/p>\n<p>Just a week after the last public App Store blunder, where <a href=\"https:\/\/www.intego.com\/mac-security-blog\/apple-is-distributing-a-fake-lastpass-password-manager-in-the-app-store\/\">a fake LastPass app was available in the App Store<\/a>, Apple is yet again in hot water.<\/p>\n<p>On February 14, a cryptocurrency company called Curve Finance warned users via social media that a fake app using its name had appeared in the App Store.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">Beware of scams. There is no DeFi &quot;Curve App&quot; on <a href=\"https:\/\/twitter.com\/Apple?ref_src=twsrc%5Etfw\">@Apple<\/a> App Store, but a fake with our logo was spotted! Stay safe <a href=\"https:\/\/t.co\/7LJYyLLgco\">pic.twitter.com\/7LJYyLLgco<\/a><\/p>\n<p>&mdash; Curve Finance (@CurveFinance) <a href=\"https:\/\/twitter.com\/CurveFinance\/status\/1757736512626495723?ref_src=twsrc%5Etfw\">February 14, 2024<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Just two days later, on February 16, yet another cryptocurrency company, Rabby Wallet, warned its users via social media that a fake app was in the App Store. Shockingly, the fake app had somehow gotten approved\u2014meanwhile, the legitimate developer&#8217;s app is &#8220;still under review.&#8221;<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">\ud83d\udea8 A FAKE iOS app has resurfaced. Please note that our iOS app is still under review.<\/p>\n<p>Identify the real app by Developer: DeBank (Android) &amp; DeBank Global Pte. Ltd. (iOS).<\/p>\n<p>For secure downloads, ONLY use our official website: <a href=\"https:\/\/t.co\/FZmFjG2o5X\">https:\/\/t.co\/FZmFjG2o5X<\/a> <a href=\"https:\/\/t.co\/OX9HxHo354\">https:\/\/t.co\/OX9HxHo354<\/a><\/p>\n<p>&mdash; Rabby Wallet (@Rabby_io) <a href=\"https:\/\/twitter.com\/Rabby_io\/status\/1758476458559738181?ref_src=twsrc%5Etfw\">February 16, 2024<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>One victim <a href=\"https:\/\/discussions.apple.com\/thread\/255482851?answerId=260185331022&amp;sortBy=best#260185331022\">posted<\/a> on the official Apple Community support forums on February 17, <strong>claiming to have been scammed out of U.S. $5,000<\/strong> after downloading the fake Rabby Wallet app. Another forum user <strong>claimed to have lost $20,000.<\/strong> Meanwhile, a cumulative total of <strong>more than $100,000 was reported stolen<\/strong> by users of the real Rabby Wallet&#8217;s Discord community.<\/p>\n<h4><strong>Apple eventually removed both apps<\/strong><\/h4>\n<p>After public attention brought by social media re-posts and some coverage on tech news sites, Apple eventually removed each app from the App Store.<\/p>\n<p>It isn&#8217;t clear exactly when the Curve Finance app first made it into the App Store. The fake Rabby Wallet app was likely available starting on February 14, given the date on which the fake app&#8217;s Facebook page was created and the first (negative) review was posted.<\/p>\n<p>The fake Curve Finance app somehow had a &#8220;4.6 out of 5&#8221; star rating, with apparently nine five-stars and a single one-star rating. Meanwhile, the fake Rabby Wallet app wasn&#8217;t pre-loaded with fake ratings, so it had a &#8220;1.0 out of 5&#8221; due to two one-star ratings.<\/p>\n<h3>Does a blatant copycat constitute a legitimate app in Apple&#8217;s eyes?<\/h3>\n<p>While in the case of &#8220;<a href=\"https:\/\/www.intego.com\/mac-security-blog\/apple-is-distributing-a-fake-lastpass-password-manager-in-the-app-store\/\">LassPass<\/a>&#8221; the developer used a lookalike name and icon, in these more recent cases the infringement was much more blatant.<\/p>\n<p><strong>Both fake finance apps used the real products&#8217; names.<\/strong> This time the fake apps&#8217; developers didn&#8217;t even try to hide behind typosquatting or similarly spelled names; they just went directly for stealing the names of the companies and products they were mimicking.<\/p>\n<p>It&#8217;s a similar story with the apps&#8217; icons. The fake Curve Finance app used a <strong>nearly exact copy of the company logo<\/strong>. Meanwhile, the fake Rabby Wallet app used <strong>a silhouette version of the real company logo<\/strong>, with a similar blue background color.<\/p>\n<div id=\"attachment_99867\" style=\"width: 1010px\" class=\"wp-caption aligncenter\"><img aria-describedby=\"caption-attachment-99867\" loading=\"lazy\" class=\"wp-image-99867 size-full\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2024\/02\/Fake-Curve-Finance-and-Rabby-Wallet-App-Store-listings.jpg\" alt=\"\" width=\"1000\" height=\"500\" \/><p id=\"caption-attachment-99867\" class=\"wp-caption-text\">App Store screenshots of the fake apps. &#8220;Rabby&#8221; image via <a href=\"https:\/\/www.hackread.com\/apple-approves-fake-app-before-real-rabby-wallet\/\" target=\"_blank\" rel=\"noopener nofollow\">HackRead<\/a><\/p><\/div>\n<h3>Apple has a major problem over-approving apps in sensitive categories<\/h3>\n<p>If Apple were carefully reviewing these apps, the reviewers would have seen some potential red flags. The registered name of the developers did not match the companies&#8217; names (although this is sometimes the case with real companies that use third-party developers). But an obvious red flag was the <strong>essentially nonexistent company pages.<\/strong> The listed Developer Website for the fake Curve Finance app was a free Google Sites page, hosted at sites.google.com; this page barely included any text, had no images other than a generic backdrop, and merely listed the developer&#8217;s Proton Mail e-mail address as a supposed support method.<\/p>\n<div id=\"attachment_99864\" style=\"width: 410px\" class=\"wp-caption aligncenter\"><img aria-describedby=\"caption-attachment-99864\" loading=\"lazy\" class=\"wp-image-99864 size-full\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2024\/02\/Fake-Curve-Finance-support-site-cache-screenshot-square.jpg\" alt=\"\" width=\"400\" height=\"400\" \/><p id=\"caption-attachment-99864\" class=\"wp-caption-text\">The &#8220;Developer Website&#8221; of the fake Curve Finance app<\/p><\/div>\n<p>For the fake Rabby Wallet, the Developer Website was a generic Facebook page with the app&#8217;s name, the developer&#8217;s Hotmail e-mail address, and literally nothing else; they didn&#8217;t even bother adding any images to the page.<\/p>\n<div id=\"attachment_99865\" style=\"width: 1071px\" class=\"wp-caption aligncenter\"><img aria-describedby=\"caption-attachment-99865\" loading=\"lazy\" class=\"wp-image-99865 size-full\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2024\/02\/Fake-Rabby-Wallet-Facebook-group-page.jpg\" alt=\"\" width=\"1061\" height=\"625\" \/><p id=\"caption-attachment-99865\" class=\"wp-caption-text\">The &#8220;Developer Website&#8221; of the fake Rabby Wallet app<\/p><\/div>\n<p>Such red flags should set off alarm bells in reviewers&#8217; heads, prompting further investigation before approving the apps. But apparently, they did not.<\/p>\n<h4><strong>Apple&#8217;s app review process needs review<\/strong><\/h4>\n<p>Given the highly sensitive information that people put into finance-related apps, <strong>Apple has a moral obligation to more carefully review sensitive categories of apps in the App Store.<\/strong><\/p>\n<p>As we&#8217;ve mentioned in the past, Apple has also had an ongoing problem with approving loan apps that aren&#8217;t developed by legally licensed lenders. We noted in our <a href=\"https:\/\/www.intego.com\/mac-security-blog\/the-mac-and-iphone-malware-of-2023-and-what-to-expect-in-2024\/\">2023 Apple malware roundup<\/a> that\u00a0one independent researcher singlehandedly found and reported more than 200 fraudulent loan apps to Apple in 2023 alone. These apps may have plausibly garnered hundreds of thousands of cumulative downloads before Apple finally removed them.<\/p>\n<p>Apple&#8217;s recent approval of <a href=\"https:\/\/www.intego.com\/mac-security-blog\/apple-is-distributing-a-fake-lastpass-password-manager-in-the-app-store\/\">a fake password manager app, &#8220;LassPass,&#8221;<\/a> also exposed Apple&#8217;s shoddy reviewing practices for sensitive app categories.<\/p>\n<p>Unless Apple begins to face significant public pressure to improve its practices, it&#8217;s unlikely that Apple will change. <strong>We urge responsible mainstream and tech journalists<\/strong> to join with us in drawing attention to Apple&#8217;s consistently bad behavior.<\/p>\n<h3>What should I do if I&#8217;ve downloaded a fake app?<\/h3>\n<p>If you installed a fake version of Curve Finance or Rabby Wallet by mistake, be sure to <strong>uninstall the app <\/strong>from your device. On an iPhone, iPad, or iPod touch, press and hold on an empty area of the Home Screen until the apps start to wiggle, then tap the \u2296 (circled minus symbol) in the top-left corner of the app icon. (<a href=\"https:\/\/www.intego.com\/mac-security-blog\/how-to-delete-apps-on-an-iphone-or-ipad-or-offload-apps-to-save-space\/\">Learn more about uninstalling apps on an iPhone or iPad.<\/a>)<\/p>\n<p>If you installed the app on your Mac, you can drag it from the Applications folder to the Trash, as with other apps from the Mac App Store.<\/p>\n<p>While the recent &#8220;LassPass&#8221; fake app could be installed on Apple Vision Pro, neither &#8220;Curve Finance&#8221; nor &#8220;Rabby Wallet&#8221; were compatible with visionOS, according to their App Store pages.<a name=\"staysafe\"><\/a><\/p>\n<h3>How can I keep my Mac safe from malware?<\/h3>\n<p><img loading=\"lazy\" class=\"alignright size-medium wp-image-54214\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2016\/06\/X9-Mac-Antivirus-Launch-300x150.png\" alt=\"Intego X9 software boxes\" width=\"200\" height=\"100\" srcset=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2016\/06\/X9-Mac-Antivirus-Launch-300x150.png 300w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2016\/06\/X9-Mac-Antivirus-Launch-150x75.png 150w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2016\/06\/X9-Mac-Antivirus-Launch.png 600w\" sizes=\"(max-width: 200px) 100vw, 200px\" \/>Intego VirusBarrier X9, included with <strong><a href=\"https:\/\/offer.intego.com\/BlogMACAV_lbmxlkchf\">Intego&#8217;s Mac Premium Bundle X9<\/a><\/strong>, is a powerful solution designed to protect against, detect, and eliminate Mac malware.<\/p>\n<p>If you believe your Mac may be infected, or to prevent future infections, it&#8217;s best to use antivirus software from a trusted Mac developer. VirusBarrier is award-winning antivirus software, designed by Mac security experts, that includes <a href=\"https:\/\/www.intego.com\/mac-security-blog\/why-your-antivirus-needs-real-time-scanning\/\">real-time protection<\/a>. It runs natively on both Intel- and Apple silicon-based Macs, and it&#8217;s compatible with Apple&#8217;s current Mac operating system, macOS Sonoma.<\/p>\n<p>One of VirusBarrier&#8217;s unique features is that it can <a href=\"https:\/\/support.intego.com\/hc\/en-us\/articles\/207114798-VirusBarrier-X9-How-to-Scan-iPhone-iPad-and-iPod-Touch\">scan for malicious files on an iPhone, iPad, or iPod touch<\/a> in user-accessible areas of the device. To get started, just attach your iOS or iPadOS device to your Mac via a USB cable and open VirusBarrier.<\/p>\n<p>If you use a Windows PC, <a href=\"https:\/\/www.intego.com\/lp\/route-podcast-intego\/?channel=Podcast_Intego&amp;lpx=buy\"><strong>Intego Antivirus for Windows<\/strong><\/a> can keep your computer protected from malware.<a name=\"learnmore\"><\/a><\/p>\n<h3>How can I learn more?<\/h3>\n<p>We discussed the fake Rabby Wallet app on <a href=\"https:\/\/podcast.intego.com\/332\">episode 332<\/a> of the Intego Mac Podcast:<\/p>\n<p><iframe loading=\"lazy\" src=\"https:\/\/player.fireside.fm\/v2\/GegHgcrH+9iB3A6uf?theme=dark\" width=\"740\" height=\"200\" frameborder=\"0\" scrolling=\"no\"><\/iframe><\/p>\n<p>Be sure to also check out our <a href=\"https:\/\/www.intego.com\/mac-security-blog\/the-mac-and-iphone-malware-of-2023-and-what-to-expect-in-2024\/#forecast\">2024 Apple malware forecast<\/a>.<\/p>\n<p><a href=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2021\/04\/intego-podcast-artwork-400.jpg\" target=\"_blank\" rel=\"noopener noreferrer\"><img class=\"alignleft\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2021\/04\/intego-podcast-artwork-400.jpg\" alt=\"\" width=\"80\" \/><\/a>Each week on the <a href=\"https:\/\/podcast.intego.com\/\" target=\"_blank\" rel=\"noopener\"><strong>Intego Mac Podcast<\/strong><\/a>, Intego&#8217;s Mac security experts discuss the latest Apple news, including security and privacy stories, and offer practical advice on getting the most out of your Apple devices. Be sure to <a href=\"https:\/\/podcasts.apple.com\/us\/podcast\/intego-mac-podcast\/id1293834627\" rel=\"noopener\"><strong>follow the podcast<\/strong><\/a> to make sure you don\u2019t miss any episodes.<\/p>\n<p>You can also subscribe to our <a href=\"https:\/\/www.intego.com\/mac-security-blog\/mac-security-newsletter\/\"><strong>e-mail newsletter<\/strong><\/a> and keep an eye here on <a href=\"https:\/\/www.intego.com\/mac-security-blog\"><strong>The Mac Security Blog<\/strong><\/a> for the latest Apple security and privacy news. And don&#8217;t forget to follow Intego on your favorite social media channels: <a href=\"https:\/\/twitter.com\/IntegoSecurity\" target=\"_blank\" rel=\"noopener\"><img style=\"border-width: 1px; border-style: solid; border-color: rgba(255, 255, 255, 0.2); border-radius: 8px;\" title=\"Follow Intego on Twitter\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2021\/10\/Twitter-logo-icon-64.png\" alt=\"Follow Intego on Twitter\" width=\"16\" \/><\/a>\u00a0<a href=\"https:\/\/www.facebook.com\/Intego\" target=\"_blank\" rel=\"noopener\"><img style=\"border-width: 1px; border-style: solid; border-color: rgba(255, 255, 255, 0.2); border-radius: 8px;\" title=\"Follow Intego on Facebook\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2021\/10\/Facebook-logo-icon-64.png\" alt=\"Follow Intego on Facebook\" width=\"16\" \/><\/a>\u00a0<a href=\"https:\/\/www.youtube.com\/user\/IntegoVideo?sub_confirmation=1\" target=\"_blank\" rel=\"noopener\"><img style=\"border-width: 1px; border-style: solid; border-color: rgba(0, 0, 0, 0.2); border-radius: 8px;\" title=\"Follow Intego on YouTube\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2021\/10\/YouTube-logo-icon-64.png\" alt=\"Follow Intego on YouTube\" width=\"16\" \/><\/a>\u00a0<a href=\"https:\/\/www.pinterest.com\/intego\/\" target=\"_blank\" rel=\"noopener\"><img style=\"border-width: 1px; border-style: solid; border-color: rgba(0, 0, 0, 0.2); border-radius: 8px;\" title=\"Follow Intego on Pinterest\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2021\/10\/Pinterest-logo-icon-64.png\" alt=\"Follow Intego on Pinterest\" width=\"16\" \/><\/a>\u00a0<a href=\"https:\/\/www.linkedin.com\/company\/intego\" target=\"_blank\" rel=\"noopener\"><img style=\"border-width: 1px; border-style: solid; border-color: rgba(255, 255, 255, 0.2); border-radius: 8px;\" title=\"Follow Intego on LinkedIn\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2021\/10\/LinkedIn-logo-icon-64.png\" alt=\"Follow Intego on LinkedIn\" width=\"16\" \/><\/a>\u00a0<a href=\"https:\/\/www.instagram.com\/intego_security\/\" target=\"_blank\" rel=\"noopener\"><img style=\"border-width: 1px; border-style: solid; border-color: rgba(255, 255, 255, 0.2); border-radius: 8px;\" title=\"Follow Intego on Instagram\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2021\/10\/Instagram-logo-icon-64.png\" alt=\"Follow Intego on Instagram\" width=\"16\" \/><\/a>\u00a0<a href=\"https:\/\/podcasts.apple.com\/us\/podcast\/intego-mac-podcast\/id1293834627\" target=\"_blank\" rel=\"noopener\"><img style=\"border-width: 1px; border-style: solid; border-color: rgba(255, 255, 255, 0.2); border-radius: 8px;\" title=\"Follow the Intego Mac Podcast on Apple Podcasts\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/ios9-podcasts-app-tile.png\" alt=\"Follow the Intego Mac Podcast on Apple Podcasts\" width=\"16\" \/><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Once again, Apple\u2019s App Store review team has failed miserably, approving two fake cryptocurrency finance apps that blatantly stole the names and logos of real companies. Here\u2019s what to do if you\u2019ve downloaded one of these apps.<\/p>\n","protected":false},"author":14,"featured_media":99856,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"spay_email":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false},"categories":[190],"tags":[317,1486,86],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v17.4 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<meta name=\"description\" content=\"Once again, Apple\u2019s App Store review team has failed miserably, approving two fake cryptocurrency finance apps that blatantly stole the names and logos of real companies. Here\u2019s what to do if you\u2019ve downloaded one of these apps.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.intego.com\/mac-security-blog\/apple-distributed-fake-crypto-finance-apps-in-app-store-leading-to-100k-losses\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Apple distributed fake crypto finance apps in App Store, leading to $100K losses - The Mac Security Blog\" \/>\n<meta property=\"og:description\" content=\"Once again, Apple\u2019s App Store review team has failed miserably, approving two fake cryptocurrency finance apps that blatantly stole the names and logos of real companies. Here\u2019s what to do if you\u2019ve downloaded one of these apps.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.intego.com\/mac-security-blog\/apple-distributed-fake-crypto-finance-apps-in-app-store-leading-to-100k-losses\/\" \/>\n<meta property=\"og:site_name\" content=\"The Mac Security Blog\" \/>\n<meta property=\"article:author\" content=\"https:\/\/www.facebook.com\/JoshLong\" \/>\n<meta property=\"article:published_time\" content=\"2024-02-22T21:09:04+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2024\/02\/Fake-Curve-Finance-and-Rabby-Wallet-apps-App-Store-icons-400x260-1.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"400\" \/>\n\t<meta property=\"og:image:height\" content=\"260\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@theJoshMeister\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Joshua Long\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\",\"name\":\"Intego\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"sameAs\":[],\"logo\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"contentUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"width\":875,\"height\":875,\"caption\":\"Intego\"},\"image\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\"}},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"name\":\"The Mac Security Blog\",\"description\":\"Keep Macs safe from the dangers of the Internet\",\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-distributed-fake-crypto-finance-apps-in-app-store-leading-to-100k-losses\/#primaryimage\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2024\/02\/Fake-Curve-Finance-and-Rabby-Wallet-apps-App-Store-icons-400x260-1.jpg\",\"contentUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2024\/02\/Fake-Curve-Finance-and-Rabby-Wallet-apps-App-Store-icons-400x260-1.jpg\",\"width\":400,\"height\":260,\"caption\":\"Fake Curve Finance and Rabby Wallet apps in the iOS App Store icons\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-distributed-fake-crypto-finance-apps-in-app-store-leading-to-100k-losses\/#webpage\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-distributed-fake-crypto-finance-apps-in-app-store-leading-to-100k-losses\/\",\"name\":\"Apple distributed fake crypto finance apps in App Store, leading to $100K losses - The Mac Security Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-distributed-fake-crypto-finance-apps-in-app-store-leading-to-100k-losses\/#primaryimage\"},\"datePublished\":\"2024-02-22T21:09:04+00:00\",\"dateModified\":\"2024-02-22T21:09:04+00:00\",\"description\":\"Once again, Apple\\u2019s App Store review team has failed miserably, approving two fake cryptocurrency finance apps that blatantly stole the names and logos of real companies. Here\\u2019s what to do if you\\u2019ve downloaded one of these apps.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-distributed-fake-crypto-finance-apps-in-app-store-leading-to-100k-losses\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.intego.com\/mac-security-blog\/apple-distributed-fake-crypto-finance-apps-in-app-store-leading-to-100k-losses\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-distributed-fake-crypto-finance-apps-in-app-store-leading-to-100k-losses\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.intego.com\/mac-security-blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Apple distributed fake crypto finance apps in App Store, leading to $100K losses\"}]},{\"@type\":\"Article\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-distributed-fake-crypto-finance-apps-in-app-store-leading-to-100k-losses\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-distributed-fake-crypto-finance-apps-in-app-store-leading-to-100k-losses\/#webpage\"},\"author\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/dcf592275ba6edde8d20f1e60029c6b1\"},\"headline\":\"Apple distributed fake crypto finance apps in App Store, leading to $100K losses\",\"datePublished\":\"2024-02-22T21:09:04+00:00\",\"dateModified\":\"2024-02-22T21:09:04+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-distributed-fake-crypto-finance-apps-in-app-store-leading-to-100k-losses\/#webpage\"},\"wordCount\":1199,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-distributed-fake-crypto-finance-apps-in-app-store-leading-to-100k-losses\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2024\/02\/Fake-Curve-Finance-and-Rabby-Wallet-apps-App-Store-icons-400x260-1.jpg\",\"keywords\":[\"App Store\",\"iOS Malware\",\"Malware\"],\"articleSection\":[\"Malware\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.intego.com\/mac-security-blog\/apple-distributed-fake-crypto-finance-apps-in-app-store-leading-to-100k-losses\/#respond\"]}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/dcf592275ba6edde8d20f1e60029c6b1\",\"name\":\"Joshua Long\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#personlogo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/5ad29f4111ce14911abaa98cbbcdea42?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/5ad29f4111ce14911abaa98cbbcdea42?s=96&d=mm&r=g\",\"caption\":\"Joshua Long\"},\"description\":\"Joshua Long (@theJoshMeister), formerly Intego\\u2019s Chief Security Analyst, is a renowned security researcher and writer, and an award-winning public speaker. Josh has a master\\u2019s degree in IT concentrating in Internet Security and has taken doctorate-level coursework in Information Security. Apple has publicly acknowledged Josh for discovering an Apple\\u00a0ID authentication vulnerability. Josh has conducted cybersecurity research for well over 25 years, which is often featured by major news outlets worldwide. Keep up with Josh via X\/Twitter, LinkedIn, Facebook, Instagram, YouTube, Patreon, Mastodon, the JoshMeister on Security, and more. \\u2014\",\"sameAs\":[\"https:\/\/security.thejoshmeister.com\",\"https:\/\/www.facebook.com\/JoshLong\",\"https:\/\/www.instagram.com\/thejoshmeister\/\",\"https:\/\/www.linkedin.com\/in\/thejoshmeister\",\"https:\/\/www.pinterest.com\/thejoshmeister\/\",\"https:\/\/twitter.com\/theJoshMeister\",\"https:\/\/www.youtube.com\/@theJoshMeister\"],\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/author\/joshlong\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"description":"Once again, Apple\u2019s App Store review team has failed miserably, approving two fake cryptocurrency finance apps that blatantly stole the names and logos of real companies. Here\u2019s what to do if you\u2019ve downloaded one of these apps.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.intego.com\/mac-security-blog\/apple-distributed-fake-crypto-finance-apps-in-app-store-leading-to-100k-losses\/","og_locale":"en_US","og_type":"article","og_title":"Apple distributed fake crypto finance apps in App Store, leading to $100K losses - The Mac Security Blog","og_description":"Once again, Apple\u2019s App Store review team has failed miserably, approving two fake cryptocurrency finance apps that blatantly stole the names and logos of real companies. Here\u2019s what to do if you\u2019ve downloaded one of these apps.","og_url":"https:\/\/www.intego.com\/mac-security-blog\/apple-distributed-fake-crypto-finance-apps-in-app-store-leading-to-100k-losses\/","og_site_name":"The Mac Security Blog","article_author":"https:\/\/www.facebook.com\/JoshLong","article_published_time":"2024-02-22T21:09:04+00:00","og_image":[{"width":400,"height":260,"url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2024\/02\/Fake-Curve-Finance-and-Rabby-Wallet-apps-App-Store-icons-400x260-1.jpg","type":"image\/jpeg"}],"twitter_card":"summary_large_image","twitter_creator":"@theJoshMeister","twitter_misc":{"Written by":"Joshua Long","Est. reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Organization","@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization","name":"Intego","url":"https:\/\/www.intego.com\/mac-security-blog\/","sameAs":[],"logo":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo","inLanguage":"en-US","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","contentUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","width":875,"height":875,"caption":"Intego"},"image":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo"}},{"@type":"WebSite","@id":"https:\/\/www.intego.com\/mac-security-blog\/#website","url":"https:\/\/www.intego.com\/mac-security-blog\/","name":"The Mac Security Blog","description":"Keep Macs safe from the dangers of the Internet","publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/apple-distributed-fake-crypto-finance-apps-in-app-store-leading-to-100k-losses\/#primaryimage","inLanguage":"en-US","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2024\/02\/Fake-Curve-Finance-and-Rabby-Wallet-apps-App-Store-icons-400x260-1.jpg","contentUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2024\/02\/Fake-Curve-Finance-and-Rabby-Wallet-apps-App-Store-icons-400x260-1.jpg","width":400,"height":260,"caption":"Fake Curve Finance and Rabby Wallet apps in the iOS App Store icons"},{"@type":"WebPage","@id":"https:\/\/www.intego.com\/mac-security-blog\/apple-distributed-fake-crypto-finance-apps-in-app-store-leading-to-100k-losses\/#webpage","url":"https:\/\/www.intego.com\/mac-security-blog\/apple-distributed-fake-crypto-finance-apps-in-app-store-leading-to-100k-losses\/","name":"Apple distributed fake crypto finance apps in App Store, leading to $100K losses - The Mac Security Blog","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/apple-distributed-fake-crypto-finance-apps-in-app-store-leading-to-100k-losses\/#primaryimage"},"datePublished":"2024-02-22T21:09:04+00:00","dateModified":"2024-02-22T21:09:04+00:00","description":"Once again, Apple\u2019s App Store review team has failed miserably, approving two fake cryptocurrency finance apps that blatantly stole the names and logos of real companies. Here\u2019s what to do if you\u2019ve downloaded one of these apps.","breadcrumb":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/apple-distributed-fake-crypto-finance-apps-in-app-store-leading-to-100k-losses\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.intego.com\/mac-security-blog\/apple-distributed-fake-crypto-finance-apps-in-app-store-leading-to-100k-losses\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.intego.com\/mac-security-blog\/apple-distributed-fake-crypto-finance-apps-in-app-store-leading-to-100k-losses\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.intego.com\/mac-security-blog\/"},{"@type":"ListItem","position":2,"name":"Apple distributed fake crypto finance apps in App Store, leading to $100K losses"}]},{"@type":"Article","@id":"https:\/\/www.intego.com\/mac-security-blog\/apple-distributed-fake-crypto-finance-apps-in-app-store-leading-to-100k-losses\/#article","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/apple-distributed-fake-crypto-finance-apps-in-app-store-leading-to-100k-losses\/#webpage"},"author":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/dcf592275ba6edde8d20f1e60029c6b1"},"headline":"Apple distributed fake crypto finance apps in App Store, leading to $100K losses","datePublished":"2024-02-22T21:09:04+00:00","dateModified":"2024-02-22T21:09:04+00:00","mainEntityOfPage":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/apple-distributed-fake-crypto-finance-apps-in-app-store-leading-to-100k-losses\/#webpage"},"wordCount":1199,"commentCount":0,"publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"image":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/apple-distributed-fake-crypto-finance-apps-in-app-store-leading-to-100k-losses\/#primaryimage"},"thumbnailUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2024\/02\/Fake-Curve-Finance-and-Rabby-Wallet-apps-App-Store-icons-400x260-1.jpg","keywords":["App Store","iOS Malware","Malware"],"articleSection":["Malware"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.intego.com\/mac-security-blog\/apple-distributed-fake-crypto-finance-apps-in-app-store-leading-to-100k-losses\/#respond"]}]},{"@type":"Person","@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/dcf592275ba6edde8d20f1e60029c6b1","name":"Joshua Long","image":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#personlogo","inLanguage":"en-US","url":"https:\/\/secure.gravatar.com\/avatar\/5ad29f4111ce14911abaa98cbbcdea42?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/5ad29f4111ce14911abaa98cbbcdea42?s=96&d=mm&r=g","caption":"Joshua Long"},"description":"Joshua Long (@theJoshMeister), formerly Intego\u2019s Chief Security Analyst, is a renowned security researcher and writer, and an award-winning public speaker. Josh has a master\u2019s degree in IT concentrating in Internet Security and has taken doctorate-level coursework in Information Security. Apple has publicly acknowledged Josh for discovering an Apple\u00a0ID authentication vulnerability. Josh has conducted cybersecurity research for well over 25 years, which is often featured by major news outlets worldwide. Keep up with Josh via X\/Twitter, LinkedIn, Facebook, Instagram, YouTube, Patreon, Mastodon, the JoshMeister on Security, and more. \u2014","sameAs":["https:\/\/security.thejoshmeister.com","https:\/\/www.facebook.com\/JoshLong","https:\/\/www.instagram.com\/thejoshmeister\/","https:\/\/www.linkedin.com\/in\/thejoshmeister","https:\/\/www.pinterest.com\/thejoshmeister\/","https:\/\/twitter.com\/theJoshMeister","https:\/\/www.youtube.com\/@theJoshMeister"],"url":"https:\/\/www.intego.com\/mac-security-blog\/author\/joshlong\/"}]}},"jetpack_featured_media_url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2024\/02\/Fake-Curve-Finance-and-Rabby-Wallet-apps-App-Store-icons-400x260-1.jpg","jetpack_publicize_connections":[],"jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p4VAYd-pYx","amp_enabled":true,"_links":{"self":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/99853"}],"collection":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/users\/14"}],"replies":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/comments?post=99853"}],"version-history":[{"count":19,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/99853\/revisions"}],"predecessor-version":[{"id":99905,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/99853\/revisions\/99905"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/media\/99856"}],"wp:attachment":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/media?parent=99853"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/categories?post=99853"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/tags?post=99853"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}