According to the report, scammers have managed to infiltrate seven new fake cryptocurrency investment apps into the official Apple App and Google Play stores. In the year 2022, investment fraud through scams caused the highest reported losses to the FBI’s Internet Crimes Complaint Center (IC3), amounting to a staggering US$3.31 billion in the United States alone. The majority of these scams involved cryptocurrencies, including pig butchering, which saw a significant increase of 183% from 2021, resulting in reported losses of US$2.57 billion last year.
Emerging tools utilized by scammers
The research team at Sophos initially became aware of CryptoRom scammers using an AI chat tool, likely ChatGPT, when a victim reached out to them. The victim had been contacted on Tandem, a language-sharing app that is also used as a dating platform. The scammer convinced the victim to continue their conversation on WhatsApp. The victim grew suspicious after receiving a lengthy message, which was partially generated by an AI chat tool using a large language model (LLM).
Furthermore, the research team uncovered a new tactic employed by scammers to extort additional money. Traditionally, when victims of CryptoRom scams attempt to withdraw their supposed profits, fraudsters would demand a 20% tax payment before processing any withdrawals. However, a recent victim disclosed that after paying the “tax” to withdraw their funds, the fraudsters claimed that the funds had been hacked, insisting on an additional 20% deposit before releasing the money.
Upon further investigation, the research team discovered the presence of seven counterfeit cryptocurrency investment apps on the official Google Play and Apple App stores. These apps appear innocuous with their descriptions in the app stores (one example being BerryX, which claims to be related to reading). However, once users open the app, they are confronted with a fabricated crypto-trading interface.
To circumvent the Apple App Store review process, the app developers employ the same technique that Sophos initially reported on in February 2023. They submit the app for approval using legitimate content commonly found on the web. Once the app receives approval and is published, the developers modify the server hosting the app by introducing fraudulent code for the deceptive interface.
The existence of similar templates and descriptions among these seven new apps suggests that one or two pig butchering rings are responsible for orchestrating this scheme.
Denial of responsibility! TechCodex is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, and all materials to their authors. For any complaint, please reach us at – [email protected]. We will take necessary action within 24 hours.
Alex Smith is a writer and editor with over 10 years of experience. He has written extensively on a variety of topics, including technology, business, and personal finance. His work has been published in a number of magazines and newspapers, and he is also the author of two books. Alex is passionate about helping people learn and grow, and he believes that writing is a powerful tool for communication and understanding.
