Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
United States Google Apple

Apple and Google Come Under Scrutiny For Scammy Crypto Apps (theverge.com) 15

An anonymous reader shares a report: From Elon Musk Twitter impersonators to dubious Discord chats, cryptocurrency and non-fungible token (NFT) scammers have stolen billions of dollars from investors over the last few years. But now, politicians and law enforcement are turning their attention to Apple and Google -- companies that operate huge app stores -- and how they review fraudulent crypto apps.

In letters to Apple CEO Tim Cook and Google CEO Sundar Pichai on Thursday, Sen. Sherrod Brown (D-OH) asked that the companies explain their processes in reviewing and approving crypto trading and wallet apps for download on their app stores. Brown's inquiry follows a recently released FBI report warning that 244 investors have been scammed out of $42.7 million from fraudulent cryptocurrency apps claiming to be credible investment platforms in under a year. "Crypto mobile apps are available to the public through app stores, including Apple's App Store," the senator wrote to Cook on Thursday. "While cryptocurrency apps have offered investors easy and convenient ways to trade cryptocurrency, reports have emerged of fake crypto apps that have scammed hundreds of investors."

This discussion has been archived. No new comments can be posted.

Apple and Google Come Under Scrutiny For Scammy Crypto Apps

Comments Filter:
  • The "investors" were going to eventually lose the money anyway.
    • Ayup - All cryptocraplets are fraudulent by definition. There is no such thing as an honest Ponzi scheme.
    • by drinkypoo ( 153816 ) <drink@hyperlogos.org> on Thursday July 28, 2022 @11:57AM (#62741868) Homepage Journal

      Apple's problem, and to a lesser extent Google's, is that these apps come from the official app store where it is claimed that users are protected by a vetting process. It's a smaller problem for Google because they aren't trying to prevent anyone from using another app store — in fact, in Android 12, third-party app stores are on equal footing with the Play Store even when installed as a user app, and not in the system partition. Apple, on the other hand, sets themselves up as the only arbiter of what may be run on your iDevice. That means essentially 100% of the malware came from Apple's store, and what's more, they're preventing anyone else from competing with them on the basis of security. If Apple is failing at security (they are) while claiming to provide it (also true) then their whole business model is under threat.

      • Re: (Score:3, Funny)

        by Tablizer ( 95088 )

        Apple can't have it both ways. If they claim their walled garden is vetted, then they own any vetting failures.

        • Do these apps actually store your crypto on your device? or do they allow you to access the crypto you've stored in an exchange?

          IF the former, then the question becomes, did the the breach occur through a flaw in the something Apple/Android controls, or was it an off-device exploit?

          If on-device, and due to a flaw in something the platform controls, then sure they have some liability. If not, then it is on the app developer. I expect that these wallets are front ends for exchanges and are not storing the k
          • It remains to be seen whether Apple will ever wind up legally responsible for any of these SNAFUs. If I had to bet, I would probably bet no. But it makes them look bad, and it makes their argument that they provide a safely curated computing experience with their walled garden look bad. And that in turn might hurt them, because their argument that preventing sideloading protects users doesn't stand up if it does not in fact protect users.

            Only the most successful products might succeed at selling on iDevices

      • by znrt ( 2424692 )

        very true except this isn't malware, but regular harmless apps that offer crypto services. if the people behind these offers are legit is not something a software vetting system can usually verify. one could argue that any crypto offering is potentially a scam.

        the fbi report mentions one case where the app used the logo and name of an actual financial institution. this could have been easily exposed, but still accounts for only 3 millions of the alleged 42 millions in scams. otherwise these apps are legit,

        • one could argue that any crypto offering is potentially a scam.

          We're talking about apps which were advertised fraudulently and used to commit fraud as well, and we know which ones they are (some of them, anyway.) This isn't about potentially. This is about actually.

          • by znrt ( 2424692 )

            well, i don't really know these apps, and the info in tfa is scarce and vague.

            but then, an app that "impersonates" another company is clearly fraudulent, an app that simply offers investment opportunities isn't necessarily, even if at the end the people behind that app don't pay up. how is a software vetting process going to flag that before the fact?

            mind you, i'm not defending apple's walled garden at all, that's another can of worms, it's just that there are some things from which no amount of IT security

  • If they're tied to a currency, that's already a scam, isn't it?

  • Lets waste untold amounts of dollars chasing down grifters, instead of stopping the grift.
  • Apple for example checks that the app doesnâ(TM)t crash, doesnâ(TM)t use undocumented APIs, doesnâ(TM)t empty your battery, respects your privacy and so on. It checks that the app does what it is supposed to do. It checks that there is a real company. Is Apple supposed to start a criminal investigation? Maybe they should offer sending the details of all apps to the FBI (at least the details the FBI could get by opening an AppStore account).
  • Forget the apps, what about Google's YouTube platform which continues to allow fraudulent livestreams that purport to have Elon Musk offering two for one BitCoin deals. The BBC has reported on this (go find that story yourself, I'm not your mother) but those streams continue to this day.

    Kind of handy how YT's systems can spot even a microsecond of copyrighted music on their platform but can't detect when the same old images/video and URLs are used to pitch these scams to gullible users of the platform.

    If t

  • ... claiming to be credible investment platforms ...

    How do Apple/Google decide a service is credible? What about all those corporate apps that are just a auto-login for a web-page and spy on the phone as means of 'authentication': Is that a credible service?

    I remember the 2000s when many 'encryption' apps just renamed and moved the file, no obfuscating of the data occurred. No-one complained about that, but this is costing the middle-class their money, so someone has to save them. It's impossible to punish anonymous script kiddies so victims point the

"Marriage is low down, but you spend the rest of your life paying for it." -- Baskins

Working...