by mrighele 495 days ago
> We found Android and iOS apps, some available in Google Play and the App Store, which were embedded with a malicious SDK/framework for stealing recovery phrases for crypto wallets.

Wasn't the walled garden model supposed to protect from this?

2 comments

Only if the guards you hire know what they are doing.

If you have ever been through the app review process, you know that it is opaque, flawed, and clearly being run by inexperienced or overworked people who just don't have time to do anything remotely resembling a security audit.

All of the fees, none of the work.
It's called a scalable business model.