Apple, the biggest company in the world, has been slapped with a class-action lawsuit by a group of disgruntled XRP holders who claim to have lost their funds because of a phishing application.
Cybersecurity IT professional Hadona Diep filed the lawsuit in Federal District Court in Maryland on Sept. 16 on behalf of similarly situated individuals.
The legal dispute revolves around a cryptocurrency wallet called Toast Plus. Diep claims that the Cupertino-headquartered tech giant should be held liable for authorizing the malicious app in the App Store and failing to remove it.
Apple has long prided itself on its rigorous application vetting process, which is supposed to set it apart from archrival Android. Because of its locked-down ecosystem, the company has full control over placing applications on the "monopolistic" App Store.
The plaintiff downloaded the application in March 2020 to her iPhone. She believed that it was a version of Toast Wallet due to its "nearly identical" logo:
Plaintiff believed that Toast Plus was a version of Toast Wallet, a well known cryptocurrency wallet, as the names were similar and the logo used for the application in the App Store was the same or nearly identical.
Diep initially relied on Rippex, a popular XRP desktop wallet, for storing her tokens before the project shut down in January 2018. This March, she transferred her holdings to the Toast Plus app and then discovered that her XRPs were gone and her account was deleted in August.
She later realized that she was a victim of a phishing program that masqueraded as the legitimate wallet. The fatal download cost her $5,000.
In early 2021, members of the r/XRP Reddit community started complaining that Toast Wallet was actually compromised despite appearing high in search results. Some users whose accounts have been emptied out by scammers described the situation as "depressing."
The plaintiff wants Apple to pay her and every class member damages for negligence.
"A butter knife"
The Toast Plus incident is far from being a one-off event. In 2019, 17 malicious apps were discovered in the App Store by security firm Wandera.
Some estimate that about 2% of the top applications on the platform can be classified as scams.
Apple's 500-strong app review team might not be able to ensure a sufficient level of user protection.
The company's top engineer Eric Friedman recently compared the store's security to "a butter knife":
App Review is bringing a plastic butter knife to a gunfight.