A fake Ledger app on the Apple App Store drained $9.5M in crypto (coindesk.com)
8 points by abram 64 days ago | 5 comments


It's pretty sad that Apple's app review doesn't include checking to make sure an app isn't impersonating an existing popular app. Especially for crypto/financial apps!


I suspect that part of the problem is that Apple does monitor for at least trivial app duplicates, but only between apps submitted to the app store. Ledger only offers theirs via direct download, so to Apple, I suppose it just doesn't exist...

No idea if app notarization or however their latest "security through super diligent app review" snake oil is called could have caught this or if it doesn't receive enough data about the app to perform such checks.


Even if they check for impersonation, it doesn’t change what the app actually does once you interact with it.


This is why cryptocurrency will never catch on among the general population: it’s far too easy to lose all your money from either technical mistakes or theft.


Complete transaction finality by default is probably indeed not great for retail use, but what does this have to do with this particular incident?

I think people would be equally furious if Apple were to admit an impostor phishing app posing as a major bank or brokerage into the App Store.



