‘Pig Butchering’ scam apps infiltrate Apple’s App Store and Google Play

A China-based threat group named ShaZhuPan targets victims on Facebook and Tinder, convincing them to download the fraudulent apps and invest large sums of money in assets


Researchers warn of crypto scam apps on Apple App Store & Google Play Store

Scammers operating high-yield investment scams called “Pig Butchering” have found a way to compromise Google Play and Apple’s App Store, the official repositories for Android and iOS apps. By adding fraudulent apps to official download platforms, scammers can gain a victim’s trust more easily.

Pig Butchering scams are those which involve fake websites, malicious advertising, and social engineering.

According to researchers at cybersecurity company Sophos, scammers are targeting victims on Facebook or Tinder and convincing them to download the fraudulent apps and “invest” large sums of money in assets that appear to be real.

The cybersecurity firm observed that the campaign was undertaken by a China-based threat group named “ShaZhuPan,” which shows a high level of organization, with distinct teams engaged in victim interactions, finance, franchise, and money laundering, according to the report.

The fraudsters appear to target male users over Facebook and Tinder using women’s profiles with stolen images from other social media accounts.

Moreover, the report mentioned that the scammers, after gaining the victims’ trust, claim to have an uncle who works for a financial analysis firm and invite them to trade cryptocurrency through an app available on the Google Play or Apple App Store.

Sophos discovered malicious apps called “Ace Pro” and “MBM BitScan” on the Apple App Store, and “BitScan” on the Google Play Store, which were used in the campaign.

The apps let the victim withdraw small amounts of cryptocurrency initially but then lock their accounts when larger amounts are involved.

Furthermore, in order to gain access to the App Store, the ShaZhuPan gang submits an app signed with a valid Apple certificate, which is a requirement for any code to be accepted into the iOS repository. Until the app receives approval, it connects to a harmless server and behaves normally, said the report.

When the app passes the review, the developer changes the domain and connects to a malicious server.

Upon launching the app, the victim sees a cryptocurrency trading interface delivered by the malicious server; however, everything displayed is fake, except for the user’s deposit, the report added.

[With Inputs from IANS]


1 COMMENT

  1. They are allowed by Apple & Google for it is a means of carrying & arming the espionage, anti-govt activist fronts, money laundering, in the garb of innovation. It is the brainchild of the CIA.
