Sophos has released new information about international cryptocurrency scams targeting iPhone users by spreading through popular dating apps like Bumble and Tinder. According to the report, the attackers expanded their operations in Asia to include users in the USA and Europe. Sophos also uncovered a Bitcoin wallet containing approximately $1.4 million worth of cryptocurrencies allegedly collected from devices controlled by the attackers. Sophos researchers have codenamed this new threat “CryptoRom”.
“CryptoRom scams rely on social engineering at almost every stage,” says Jagadeesh Chandraiah, Senior Threat Researcher at Sophos. “First, attackers post credible fake profiles on popular dating sites. Here they suggest continuing the conversation on a different messaging platform after making initial contact with the target. They then convince the target to set up and invest in a fake cryptocurrency trading app. Initially the offer looks very good. But when the victim asks for their money back or tries to access their funds, they realize they’ve been scammed. Our research shows that attackers made millions of dollars using this method.”
Two-Way Threat
According to Sophos’ research, in addition to stealing money in this way, attackers can also access victims’ iPhone devices. In this form of the attack, cybercriminals take advantage of the “Enterprise Signature” system, a system for software developers that allows new iOS apps to be tested with selected iPhone users before they are submitted to the App Store for review and approval.
In this way, attackers can target a large group of iPhone users with fake crypto apps and take control of the devices they are installed on. This means that attackers can do much more than steal cryptocurrency. For example, they can collect personal data, add and remove accounts, and install and manage applications that serve other malicious purposes.
“Until recently, attackers were mostly distributing fake crypto apps through fake websites that looked like a trusted bank or App Store,” Chandraiah says. “Their access to the iOS enterprise developer system poses a greater risk to victims. To avoid falling victim to such scams, we recommend that iPhone users download their apps only from the official App Store. The golden rule is not to trust an offer if it looks risky or too good to be true.”