>
A well-known cryptocurrency fraud that uses fake trading apps to trick people into giving away their hard-earned money passed Apple’s strict security protocols and made it into mobile app repositories, researchers have warned.
Apple was made aware of the presence and took prompt action to remove the threats from the App Store – still, if you’ve downloaded these apps, make sure you remove them from your endpoints (opens in new tab) straight away.
Sophos cybersecurity researchers have worked out two apps designed for so-called CryptoRom fraud. This form of fraud is quite simple: an imposter would create a fake social media account and assume the identity of a wealthy, attractive woman. They then contact potential victims and after a bit of back and forth, trick them into downloading the bogus trading apps, under the promise of riches and riches.
Fake QR code scanners
People who would fall for the trick would think they are making an investment, but instead would simply be parting with their money.
The two apps in question are called Ace Pro and MBM_BitScan, and what sets these two apart from the crowd of other CryptoRom apps is the fact that they’ve gotten past Apple’s security and the App Store.
One of the apps managed to evade the protection by pretending to be a QR code scanner connected to a benign-looking website, but after a while, the developers redirected it to an Asia-registered domain, which ended up being the fake trading interface provides.
The other app, MBM_BitScan, is also available on Google’s Play Store, where it is known as BitScan. These two apps have been observed communicating with the same Command and Control infrastructure (C2), which further communicates with a server posing as a legitimate Japanese crypto company. Everything else is handled in the web interface, which is how the crooks managed to trick Google into allowing the app in the first place.
The best way to protect against such scams, the researchers say, is to use common sense, and if something looks like a scam, it most likely is. If an app can’t be found in a legitimate repository, or if additional steps are required, that should raise a red flag among users.