International bitcoin trading scandal targets individuals using dating apps like Bumble and Tinder on their iPhones, according to cyber security firm Sophos. An attacker-controlled Bitcoin wallet containing almost $1.4 million in bitcoin allegedly stolen from victims was discovered by the company.
Every step of the scam, code-named ‘CryptoRom,’ involves the cyber criminals utilizing social engineering (collecting information from publicly accessible data) techniques. “First, the perpetrators create plausible phony profiles on well-known dating websites and publish them on such sites. According to Sophos’ Jagadeesh Chandraiah, after an attacker has established contact with a victim, they advise extending the discussion on a messaging platform. A phony bitcoin trading app is then installed and investments are made in it. Even if the returns seem to be excellent on the surface, victims will be denied access to their money if they ask for it back or try to access it,” he said.
The scheme nets the con artists millions of dollars in ransom. The assailants seem to have broadened their scope to include individuals in Asia, the United States, and Europe in their attacks. Besides taking money from victims, scammers may also get access to infected gadgets.
Enterprise Signature is what the hackers are utilizing, and it lets businesses test new iOS applications with a small number of iPhone users before they submit them to the official iOS platform (Apple’s store) for evaluation and clearance. The attackers may remotely control more iPhone users with their phony crypto-trading applications using this technique and target bigger groups of them.
Attackers may possibly do more than simply take bitcoin assets from their victims if they do this. “According to a Sophos investigation on the fraud, the con artists “may gather personal information, create and delete accounts, and install and administer applications for other nefarious reasons.”
iPhone users should only install applications from the iOS store to prevent falling prey to these kinds of frauds. When anything sounds dangerous or too good to be true, it usually is. This includes hearing about a ‘wonderful’ internet investment plan from someone you hardly know but who promises huge profits.
