26 Malicious Crypto Wallet Apps Found in China's Apple App Store

Twenty-six malicious apps impersonating popular cryptocurrency wallets — including Metamask, Coinbase, Trust Wallet, and OneKey — were discovered in China’s regional Apple App Store. The apps harvest wallet recovery or seed phrases entered by users and drain cryptocurrency assets.

The apps bypassed Apple’s review process to reach the official storefront, making this a supply-chain-adjacent risk where users trust the platform’s vetting but receive a malicious application. The China App Store is regionally scoped, limiting immediate global exposure, but the technique is portable to other storefronts.

Users with crypto holdings should source wallet apps only from verified official developer links, verify publisher identity and review count before installing, and never enter seed phrases into an app that was not confirmed safe by the wallet’s official channels.