Cyber-security experts also discovered a cache of 167 bogus Android and iOS applications that hackers are using to rob money from people who think they have built a legitimate financial investing, banking, or cryptocurrency software.
Researchers at cyber-security consultancy Sophos examined the bogus applications and discovered that all of them were strikingly close. The attackers recruited victims through dating platforms and enticed them to download money-stealing apps posing as famous products.
Several applications had an integrated “chat” function for customer service. When researchers attempted to connect with support teams through talk, they obtained nearly identical responses.
Additionally, the researchers discovered a single server that was filled with 167 bogus trading and cryptocurrency applications.
When seen together, this means that the scams are being perpetrated by the same party.
“The satire monetary applications we found emulate normal and legitimate monetary applications from around the world, while the dating site sting begins with a well-mannered trade of messages to build up certainty until the objective is mentioned to introduce a parody application. Such procedures loan believability to the trick “Jagadeesh Chandraiah, a senior danger specialist at Sophos, expounded.
In one of the schemes examined, scammers befriended users with a dating app, creating a profile and sharing messages with specific goals until luring them into downloading and funding a bogus app with money and cryptocurrencies.
If goals attempted to remove funds or close the account afterward, the attackers actually prevented them from doing so.
In other instances, targets were attracted to websites that resembled those of a reputable brand, such as a bank.
The operators also created a bogus “iOS App Store” download page complete with fabricated user feedback to fool targets into believing they were downloading an app from the legitimate App Store.
“To prevent being a victim of such malware software, consumers can only download apps from reputable sites such as Google Play or Apple’s app store,” Sophos recommended.