A fake version of the popular crypto wallet, Rabby Wallet, has been wreaking havoc on unsuspecting users on the Apple App Store, with multiple users reporting significant financial losses.
Despite numerous complaints from users, the malicious app is still available for download on the App Store and puts question marks on Apple’s app vetting process.
Alarm Over Fake App
Rabby Wallet is a popular crypto wallet made by Debank. The wallet has been around for a considerable amount of time and supports over 140 chains and multiple signing modes. On 16th February, the company announced that it was launching the beta version of its mobile app. Unfortunately for users, a fake Rabby App ended up getting approved before the actual wallet app, leading to users downloading the fake app. The fake app is a drainer with no connection to the actual Rabby App. Rabby Wallet issued a warning to its users through X, asking them to avoid the fake app.
“A FAKE iOS app has resurfaced. Please note that our iOS app is still under review. Identify the real app by Developer: DeBank (Android) & DeBank Global Pte. Ltd. (iOS). For secure downloads, ONLY use our official website.”
Alarmingly, despite being flagged by users, the fake app continues to be available for download on Apple’s App Store.
Significant Losses
Reports from users paint a highly distressing picture, with numerous users reporting considerable losses. One user stated they lost over $5000 because of the fake app, while another claimed a 10% loss to their overall portfolio thanks to the app. An NFT collector also reported a significant drain on their wallet, resulting in a loss of nearly $40,000 worth of ETH. Several users posted their experiences on Reddit and Apple’s official forums.
“This has been reported by many people, but the app is still in the app store. The problem is the Real Rabby Wallet has an app under review by Apple, so this scammer’s approved AppStore App called “Rabby Wallet & Crypto Solution” is tricking people into thinking it is the genuine one; they enter their seed phrase or private key, and moments later all of their life savings, crypto belongings are GONE!”
Another user posted on X that they had imported their seed into the fake app and ended up losing most of their funds.
“So today I was drained by a fake wallet on @Apple app store. It was a wallet that resembled @Rabby_io, and I imported my seed in there. after that, the person behind the scam managed to removed most of my assets So be careful with wallets even on app store (I thought a wallet was a safe app – stupid ofc!) I can see from Etherscan that more people are being drained. Please share this so no one else is drained through this scam.”
Apple’s App Screening Protocols Criticized
Apple is known for following a stringent approval process to allow apps on their App Store. However, a user on Reddit said that Apple Support stated the app was approved as something else in the past and had remained active all this while. Shortly after the launch announcement was made, the app was updated to resemble the Rabby Wallet app.
“It seems this is a Long Con […]. What apparently happened here is this app was vetted and approved years ago into AppStore as, I assume, just some basic personal finance app, something generic. Then what they did is an “Update” that rebranded into the Phishing Wallet with Rabby Wallet artwork recently, and their update was approved before and created this whole mess.”
This is not the first time a fake Rabby app has been encountered on the App Store, with similar developments occurring in October and December 2023. This indicates a recurring vulnerability in Apple’s app verification procedures. The recurrence of the app highlights the necessity of more stringent measures to safeguard users against fraudulent apps in the future.
Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.
Source: https://cryptodaily.co.uk/2024/02/fake-rabby-app-targets-users-despite-multiple-reports-to-apple