CryptoRom Bitcoin swindlers continue to target vulnerable iPhone and Android users
Cybersecurity researchers from Sophos have revealed a new fraud campaign that involves catfishing on social media, a few fake apps, and a whole lot of cryptocurrency.
The premise is simple – a fraudster will create a fake identity (mostly female) on popular social media and dating sites, find gullible victims, and take them for all they’ve got.
After exchanging numerous messages and gaining their trust, the attackers will persuade the victims into jointly “investing” in cryptocurrencies, on imitations of popular trading apps. In one such instance, the attackers created RobinHand, a fraudulent version of the popular RobinHood trading platform.
We’re looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn’t take more than 60 seconds of your time, and entrants from the UK and US will have the chance to enter a draw for a £100 Amazon gift card (or equivalent in USD). Thank you for taking part.
Romance-based money scams are as old as time itself, but many have recently been updated with the proliferation of cryptocurrencies.
Distributing iOS apps
Sophos notes that the criminals were able to distribute these apps even on iOS, by abusing Apple’s “Super Signature” application distribution scheme, as well as TestFlight (a feature used to test “beta” versions of apps before they make it to the actual repository).
The “jointly investing” part is also a trick. As the fraudsters operate the app’s backend, they are able to show the victim’s account as having any amount of money, deepening their trust. However, the victim can never withdraw the money – it’s permanently lost.
The rabbit hole goes even deeper. Once the victim tries to withdraw the funds, and sees that they cannot do that, the fraudsters will suggest they reach out to “customer support”, where they’ll be told to pay 20% “tax” to withdraw the funds, taking every last penny out of their accounts. Those that deny will get a little “nudge” – their love interest will offer to “lend” a part of the tax funds.
The whole operation, dubbed CryptoRom, first targeted the Chinese-speaking community, but as of late, has been expanding globally, Sophos says.
“These scams are well-organized, and skilled in identifying and exploiting vulnerable users based on their situation, interests, and level of technical ability. Those who get pulled into the scam have lost tens of thousands of dollars,” the report concludes.
- These are the best privacy tools right now
Go to Source