New Delhi: According to a new analysis by cybersecurity firm Sophos Research, cryptocurrency scammers target iPhone users on three continents through popular dating apps like Tinder and Bumble. According to the research, not only did fraudsters steal millions of dollars through this scam, but they can also gain access to victims’ iPhones.
Sophos Research discovered “a Bitcoin wallet owned by the perpetrators containing approximately $ 1.4 million in cryptocurrency that was allegedly collected from victims of the CryptoRom fraud”. According to the report, the hoax has spread from Asia to Europe and the US.
Explaining the operation of the fraud, Sophos chief threat researcher Jagadeesh Chandraiah said, “First, the attackers post compelling fake profiles on legitimate dating sites. As soon as they have made contact with a target, the attackers propose to continue the conversation on a messaging platform. They then try to convince the target to install a fake cryptocurrency trading app and invest in it. “
“At first the returns look very good, but if the victim requests their money back or tries to access the money, they are rejected and the money is lost. Our research shows that the attackers are making millions of dollars from this scam, “he added.
According to Sophos, scammers can use the fake cryptocurrency software to gain access to victims’ iPhones in addition to withdrawing money. Cyber criminals do this by using Enterprise Signature, a method that allows software developers to pre-test new iOS programs with selected iPhone users before submitting them to the Apple App Store for review and approval.
With this system, attackers can attack large groups of iPhone users with their fake crypto trading apps and gain remote management of their devices, Sophos warned.
In addition to stealing money from victims, attackers could also collect personal information, add and remove accounts, and install and manage apps for other malicious purposes, the company said.
“Until recently, the criminal operators distributed the fake crypto apps mainly through fake websites similar to a trustworthy bank or the Apple App Store. Adding the enterprise iOS developer system poses another risk to victims as they could give attackers the rights to their device and the ability to steal their personal information, ”said Chandraiah.
“To avoid falling victim to this type of fraud, iPhone users should only install apps from the Apple App Store. The golden rule is, if something seems risky or too good to be true – like someone you barely know telling you about a “great” online investment program that is making a big profit – this is it unfortunately probably, ”he suggested.
Live television
#mute
