Fake Phantom wallet breaches Apple’s app store, draining crypto assets

A fake Phantom wallet on Apple’s app store is reportedly draining user funds when a user recovers their account using their private key.

The application closely mimics the original Phantom wallet published by Phantom Technologies Incorporated. When users search for the Phantom wallet, the fake app shows up as an ad, even before the original application.

Fake Phantom Wallet appears before the original as an ad | Source: Apple app store

While the original application is categorized as a utility, the fake app is categorized as an educational app published by Meta Voxify. The publisher only has this fake app in its listings.

Interestingly, the description of the bogus app is for an application dubbed Voxify AI, which seems to be a text-to-speech conversion tool. Searching for Voxify AI on the app store currently directs users to the fake Phantom wallet app.

The app has multiple one-star reviews. In the app review section, several users complained of losing funds when loading their wallets into the fake app.


Users report losing funds on the fake app | Source: Apple app store

At the time of publication, the application had been removed from the app store. But it was still live on the platform for users searching for “Meta Voxify” or “Voxify ai.”

This isn’t the first instance of malicious applications infiltrating Apple’s store. 

Last year, bad actors deployed a clone of the cryptocurrency wallet Rabby Wallet. Similar to the current incident, the wallet was displayed as the first result when searching for “Rabby Wallet.”

The original wallet was only available as a standalone desktop application and a Google Chrome extension at the time.

Scammers have increasingly targeted smartphone users over the past few years. 2023 research from cybersecurity firm Sophos revealed that pig butchering scammers were evading Google and Apple’s app store security measures to deploy malicious applications.

The scammers used an app signed with a valid certificate issued by Apple to get approved. Subsequently, they would connect the app to malicious servers in their control to defraud victims.

Whether or not bad actors used a similar tactic in this case remains unclear.

Against this backdrop, Mende Matthias, co-founder of the Dubai Blockchain Center, reportedly lost over $100,000 worth of funds from his Phantom wallet. He has stressed that his funds were transferred to a different wallet address despite having various security measures in place.

He also denied interacting with any malicious links or websites. He concluded that he may have been targeted because he “openly shared” how much he invested.

Matthias has also confirmed that his funds were not lost via the fraudulent Phantom wallet application. However, he hasn’t disclosed how the attackers exploited his wallet.

The team at Phantom is yet to respond to the issue.