Last year, a new term emerged to describe online scams that make millions, if not billions, of dollars annually. It’s called “pig butchering,” and now even Apple has been unwittingly drawn into it.
Researchers at security firm Sophos announced Wednesday that they had discovered two apps on the App Store that were part of an elaborate network of tools used to trick people into putting large sums of money into fake investments. At least one of these apps also appeared on Google Play, a market notorious for the number of malicious apps that slip past Google’s review. Sophos said this is the first time it has seen such an app on the App Store; the apps previously identified in this type of scam were legitimate apps that were later abused by bad actors.
Pig butchering relies on a rich mix of apps, websites, web hosts, and humans (sometimes themselves victims of human trafficking) who, often posing as romantic interests, financial advisors, or successful investors, build trust with their targets over weeks or months. Eventually the online conversation turns to investments, usually involving cryptocurrencies, from which the scammers claim to have made huge sums of money. The scammer then invites the victim to participate.
When the mark deposits money, the crooks initially allow withdrawals. Eventually the scammer locks the account, claiming that a deposit of as much as 20% of the balance is required to get it back. Even when that deposit is paid, no money is returned; the scammers come up with new reasons why the victim needs to send more. The term pig butchering comes from farmers fattening pigs for months before they are slaughtered.
App Store Trust Abuse
Sophos said it discovered two iOS listings in the App Store that were used for the scam campaign it calls CryptoRom. The first, called Ace Pro, claimed to be a QR code scanner.
The second, MBM_BitScan, purported to be a real-time data tracker for cryptocurrencies. One victim Sophos tracked put about $4,000 into the app before realizing it was fake.
Apple has a reputation, deserved or not, for filtering out malicious apps before they reach the App Store. The apps’ presence on the App Store, combined with the detailed fake online profiles and elaborate backstories scammers use to lure victims, makes the ploy all the more convincing.
“If criminals can get past these checks, they could reach millions of devices,” Sophos researchers wrote. “This is why it’s more dangerous for a CryptoRom victim, because most of these targets are more likely to trust the source if it’s from the official Apple App Store.”
An Apple representative did not respond to an email requesting an interview for this article. A Google spokesperson also declined to be interviewed but said in an email that the company had removed the app after being notified by Sophos.
Ace Pro and MBM_BitScan bypassed Apple’s review process by delivering their malicious functionality through remote content downloaded from hardcoded web addresses. While Apple was reviewing the apps, those sites likely served harmless content; that changed later.
For example, Ace Pro sent requests to the domain rest.apizza[.]net, which responded with content from acedalex[.]xyz providing a fake trading interface. MBM_BitScan contacted a server hosted by Amazon, which led to flybit8[.]com, a domain designed to look like the legitimate Bitcoin service bitFlyer.
The process went like this:
The fake interface appeared to let users deposit and withdraw money and to handle customer service requests in real time. The scammer instructed the victim to start by sending money to the Binance exchange, and then to transfer it from Binance to the fake app.
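As an added example (not code from Sophos or the article), here is a review-side heuristic for the evasion pattern described above: it compares what an app’s hardcoded endpoint served during store review with what it serves after approval, and flags a hand-off to a different domain. The placeholder .test domains and the Fetch records are constructed, modelled on the article’s account of the two apps.

```python
from dataclasses import dataclass
from hashlib import sha256
from urllib.parse import urlparse


@dataclass
class Fetch:
    """One observed fetch of an app's remote content (constructed sample data below)."""
    phase: str        # "review" (during store review) or "runtime" (after approval)
    requested: str    # URL the app asked for
    final_url: str    # URL that actually answered, after any redirects
    body: bytes       # content that was served


def registrable_domain(url: str) -> str:
    """Crude eTLD+1 (last two host labels); adequate for the sample data here."""
    host = urlparse(url).hostname or ""
    return ".".join(host.lower().split(".")[-2:])


def assess(hardcoded_url: str, fetches: list) -> dict:
    """Two signals: the hardcoded endpoint handing off to a different domain,
    and content served after approval that was never seen during review."""
    home = registrable_domain(hardcoded_url)
    seen = {"review": set(), "runtime": set()}
    off_domain = False
    for f in fetches:
        if registrable_domain(f.requested) != home:
            continue  # unrelated traffic (CDNs, analytics) is out of scope here
        if registrable_domain(f.final_url) != home:
            off_domain = True
        seen[f.phase].add(sha256(f.body).hexdigest())
    changed = bool(seen["review"]) and not seen["runtime"] <= seen["review"]
    return {"off_domain_redirect": off_domain,
            "content_changed_after_review": changed,
            "suspicious": off_domain or changed}


# Constructed traffic on placeholder .test domains, modelled on the article's description.
HARDCODED = "https://rest.loader-placeholder.test/config"
SWITCHING_APP = [
    Fetch("review", HARDCODED, HARDCODED, b"<html>QR scanner help</html>"),
    Fetch("runtime", HARDCODED, "https://trade.lookalike-placeholder.test/app",
          b"<html>Deposit / Withdraw / Live support</html>"),
]
HONEST_APP = [
    Fetch("review", HARDCODED, HARDCODED, b"<html>QR scanner help</html>"),
    Fetch("runtime", HARDCODED, HARDCODED, b"<html>QR scanner help</html>"),
]
```

Running `assess(HARDCODED, SWITCHING_APP)` raises both flags, while the same check on `HONEST_APP` stays clean; in practice the fetches would come from repeated captures of the app's traffic over time.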