Law Street Media

Apple Sued for Crypto Loss After User Unknowingly Installed Phishing App

A finger browsing cryptocurrency prices on a smartphone app.

New york, USA - July 25, 2018: Man checking cryptocarrencies exchange to dollar rate on smartphone display.

A class action complaint filed in the District of Maryland last Thursday alleges that Apple Inc. failed to properly vet an application offered on its App Store. As a result, the plaintiff contends, she downloaded the fake “Toast Plus” app believing it to be legitimate, uploaded cryptocurrency account information and several months later, lost the balance of her Ripple (XRP) cryptocurrency to hackers who routed it to their personal accounts using information gleaned from the phishing application.

According to the filing, the Maryland woman downloaded Toast Plus onto her iPhone from the App Store in about March 2020, under the impression that it was a version of Toast Wallet, “a well-known cryptocurrency wallet, as the names were similar and the logo used for the application in the App Store was the same or nearly identical.”

After a secure cryptocurrency wallet the plaintiff used previously shut down, she linked her private XRP key with her Toast Plus account in March 2021. Because she reportedly intended to hold XRP as an investment rather than actively trade it, she did not check on it until August 2021.

When she then logged into Toast Plus, the plaintiff allegedly discovered that she had no XRP in her wallet and that her account had been deleted in early March. Thereafter, the plaintiff investigated the digital currency theft, by, among other things, attempting to contact Toast Plus, contacting Apple, the Federal Trade Commission, and identifying co-perpetrators through online research.

The plaintiff asserts that she is not bound by any Apple terms and conditions, including liability limitations, because such contracts “are the product of adhesion.” In other words, Apple has left the plaintiff with “no power to negotiate any terms whatsoever and no other source from which to get applications for her Apple products.” 

As such, the complaint asserts that many of Apple’s terms are unenforceable as violative of public policy. Moreover, the lawsuit argues that because Toast Plus was not an actual application, but instead a conduit for fraud, any existing contract is void, as what the plaintiff understood she was getting was not provided by Apple.

The lawsuit seeks to certify both a nationwide and Maryland class of people who downloaded or otherwise used Toast Plus from the App Store within the relevant statutory period and suffered actual loss of cryptocurrency as a result. The plaintiff seeks relief from violations of the Computer Fraud and Abuse Act, the Electronic Communications Privacy Act, and Maryland and other state wiretap and consumer protection statutes.

The plaintiff is represented by Adelphi Law.

Exit mobile version