A new type of online scam has surfaced recently. Known as the “pig butchering” scam (literal translation from sha zhu pan, meaning pig butchering plate), it is a type of romance scam where a scammer would connect with the victim, usually on a dating site or a social media website, and will show romantic interest in the victim. But before too long, the fraudster would scam the victim out of all their money. But this scam is getting scarier as scammers are taking the path of crypto to easily steal the money without being tracked. And to win the trust of the victims, scammers are sneaking in fraudulent crypto apps into Google Play and Apple App Store, a cybersecurity company has found.
Researchers at the cybersecurity company Sophos have published a report where they found that earlier these scammers would find ad-hoc methods to drop these crypto apps in the victim’s device but now they were getting even more malicious.
“Recently, we discovered CryptoRom apps that defeated Apple’s and Google’s app-store security review processes, making their way into the official stores. Victims of the scam alerted us to the applications and shared details of the criminal operations behind them. In the process of researching the applications, we found other apps and uncovered information about the organizations behind these scam operations,” the report stated.
Crypto scam apps sneak into Google Play and Apple App Stores
It should be noted that these scammers are experts in hacking and are involved in domain manipulation to get their apps into the marketplaces. The scammers would first submit an application with a valid certificate issued by Apple. As long as the app is in the review phase, it will function as described and would be entirely benign. But once the review process is complete and the app is added to the App Store or Google Play, the scammer changes the domain and connects it to a fraudulent server.
Then, the scammers change the interface to make it look like a legitimate crypto trading application. Sophos ran a campaign and found three such applications. Ace Pro and MBM_BitScan were found on the App Store whereas BitScan was found on Google Play.
Once the scammer targets a victim, it becomes much easier for them to convince the unsuspecting person to download an app from the official marketplace.
But not to worry, BleepingComputer reached out to Apple regarding this and they told them that the apps have been removed from the platform. They said, “The apps in question represented themselves as a QR code scanner and cryptocurrency tracker when they originally came through review. Upon discovering their bait-and-switch tactics, which are a clear violation of the App Store Review Guidelines, we immediately removed the apps from the App Store, and the developers from our Apple Developer Program”.
Leave a Reply