Apple's Leadership Shift: Can New CEO Ternus Tackle Rising Crypto Scams on App Store?

Apple is undergoing its most significant leadership transition in years, coinciding with growing concerns over the security of its App Store and the surge in crypto theft on iPhones.

On April 20, the company announced that John Ternus, its senior vice president of hardware engineering, will succeed Tim Cook as chief executive officer by September 1, 2025. Following Ternus' appointment, Cook will transition to the role of executive chairman.

Ternus brings extensive experience from Apple’s product organization, having contributed to the development of the iPad, AirPods, iPhone, and Mac. He played a pivotal role in Apple’s shift to in-house silicon for Macs and recently led the unveiling of the iPhone Air.

Cook praised Ternus’ leadership, stating:

“John Ternus has the mind of an engineer, the soul of an innovator, and the heart to lead with integrity and with honor. He is a visionary whose contributions to Apple over 25 years are already too numerous to count, and he is without question the right person to lead Apple into the future.”

The leadership change arrives as Apple faces multiple challenges, including competition in artificial intelligence, slowing hardware growth, and a pressing security issue within its App Store.

Fake Crypto Wallet Apps Expose Users to Financial Risks

Apple’s App Store has long been marketed as a secure, tightly controlled marketplace where software undergoes rigorous screening before reaching users. However, this reputation is now under scrutiny after cybersecurity researchers uncovered a wave of fraudulent crypto wallet apps infiltrating the ecosystem.

Kaspersky Threat Research identified at least 26 applications impersonating major crypto brands, including MetaMask, Ledger, Trust Wallet, and Coinbase. While some apps have been removed, others remained active at the time of the report.

Kaspersky linked the operation to a malware campaign dubbed SparkKitty, which has been active since late 2025. The scam begins with seemingly harmless apps—such as calculators, games, or task managers—to bypass Apple’s initial review process. Once installed, these apps redirect users to fake App Store listings.

Sergey Puzan, a mobile malware expert at Kaspersky, explained:

“While the apps that kick off the attack chain are not inherently malicious, they lead to the user installing a trojan in the end. By paying a fee and setting up a developer account, the attackers can target any iOS device if the user succumbs to the phishing tactic.”

Victims are then guided to download what appears to be a legitimate crypto wallet, with the scheme relying on social engineering and custom developer profiles to bypass standard App Store restrictions.