Find notable cyber news and cases, enriched with sources, timelines, and signals.

FakeWallet Apple App Store wallet-stealing apps

Malware Activity
First reported
Last updated
Happening score
H score 8
2 unique sources, 2 articles

Summary

Hide ▲

The FakeWallet app set turned the Apple App Store into a delivery channel for 26 malicious wallet lookalikes, putting crypto holders at risk of account takeover and theft. The apps impersonated brands such as Metamask, Coinbase, Trust Wallet, and OneKey, then pushed victims toward phishing pages and trojanized wallet installs. Users in China were the main target, but the design could scale beyond that market if the operators expand distribution.

Related Happenings

Rokarolla Android banking trojan activity

Malware Activity
H score26 First: 16.06.2026 16:15 Last: 16.06.2026 16:15 Sources 1

About this happening: The **Rokarolla** **Android banking trojan** is expanding phone-level control on infected devices, letting attackers steal credentials, intercept authentication codes, and hide fr...

Android 17 expands platform security and privacy protections

Security Tool/Service
H score15 First: 12.05.2026 20:00 Last: 12.05.2026 20:00 Sources 1

About this happening: **Android 17** will add a broad set of **Google**-backed security and privacy controls next month, reducing exposure to **banking scam calls**, **device theft**, and **OTP theft**...

TrickMo C TikTok-lure campaign targeting banking and wallet users in France, Italy, and Austria

Campaign
H score33 First: 11.05.2026 18:15 Last: 11.05.2026 18:15 Sources 1

About this happening: The **TrickMo** operators ran an active **TikTok-themed** campaign between **January and February 2026**, targeting **banking and wallet users** in **France, Italy and Austria**....

Sqgame[.]net gaming platform hit by network compromise

Incident
H score10 First: 05.05.2026 18:00 Last: 05.05.2026 18:00 Sources 1

About this happening: The **sqgame[.]net** gaming platform was **compromised**, and its **Windows** and **Android** software were **trojanized** to deliver malicious code to users, putting a regional e...

AccountDumpling Google AppSheet Facebook phishing campaign

Campaign
H score31 First: 01.05.2026 21:09 Last: 01.05.2026 21:09 Sources 1

About this happening: A **Vietnamese-linked** operation dubbed **AccountDumpling** is using **Google AppSheet** as a phishing relay to steal **Facebook** credentials, enabling account takeover at scale...

Timeline

  1. 21.04.2026 00:52 2 articles · 2mo ago

    FakeWallet App Store wallet-stealer disclosure

    Initial Disclosure

    Kaspersky identified FakeWallet, a campaign of 26 malicious Apple App Store apps that impersonated Metamask, Coinbase, Trust Wallet, and OneKey to steal recovery or seed phrases and drain cryptocurrency assets from users in China; the apps used fake branding, typosquatting, phishing pages, and iOS provisioning profiles, and Apple removed all 26 apps after responsible disclosure.

    Show sources