Google and Apple are slipping when it comes to controlling what’s available for their platforms
Sophos has released new findings on CryptoRom (cryptocurrency and romance) scams, covering a subset of techniques developed to trick dating app users into making fake cryptocurrency investments. Sophos X-Ops has followed CryptoRom fraudsters, who have been refining their methods since May, including by adding an AI chat tool. The swindlers have also expanded their pressure tactics by telling victims that their crypto accounts have been hacked and that additional upfront money is required.
Researchers found a total of seven fake cryptocurrency investment apps in the Google Play and iOS App stores during their investigation. The apps have seemingly innocent descriptions in the stores, but users will encounter a fake crypto-trading platform when they open the app.
These app developers use the same technique Sophos first mentioned in February 2023 to bypass the Apple App Store review process: they submit legitimate, ordinary web content for approval. Once the app has been published, the app’s host server is modified with the fraudulent interface code.
Many of these seven fraudulent apps have recycled the same descriptions and templates, suggesting that the same few crime rings are building the scheme.
Sean Gallagher, principal threat researcher at Sophos, concluded, “Prior to being able to get their apps into the Apple Store, CryptoRom fraudsters had to use an awkward technical workaround to target iOS users, which could alert their victims that something was amiss. Now, it’s much easier for them to target iPhone users, expanding their victim pool. These apps are also easy to recycle and reuse. While we’ve alerted Google and Apple to these latest apps, it’s likely more will pop up.”