Cybersecurity researchers have discovered malicious apps on the Apple App Store impersonating cryptocurrency wallets to steal recovery phrases and private keys since fall 2025. These apps redirect users to spoofed App Store pages that distribute trojanized versions of legitimate wallets, according to Kaspersky research.

Cybersecurity researchers identified 28 malicious applications on Google Play Store that falsely promised access to call histories for any phone number. The apps tricked millions of downloads into paid subscriptions that delivered only fake data, causing financial harm to users who were billed for the worthless service.