TechFlow reports that SlowMist Chief Information Security Officer 23pds has warned users on X about a new malicious phishing app appearing on the Apple App Store. This app impersonates legitimate applications to steal user accounts and passwords, and adds the attacker's phone number to the victim's two-factor authentication trusted numbers list, thereby gaining full control over the account.
This sophisticated phishing technique bypasses Apple's two-factor authentication (2FA). Crypto users should be especially vigilant, as many individuals and wallets currently rely on iCloud backup solutions—compromising an iCloud account could lead to significant asset loss.




