Cybersecurity researchers have discovered malicious apps on the Apple App Store impersonating cryptocurrency wallets to steal recovery phrases and private keys since fall 2025. These apps redirect users to spoofed App Store pages that distribute trojanized versions of legitimate wallets, according to Kaspersky research.