Business
Scammers operating investing scams infiltrate Apple App Store, Google Play
San Francisco, Feb 2
Scammers operating high-yielding investing scams called "pig butchering" have found a way to compromise Google Play and Apple's App Store, the official repositories for Android and iOS apps.
Pig butchering scams are those which involve fake websites, malicious advertising, and social engineering.
By adding fraudulent apps to official download platforms, scammers can gain a victim's trust easier, reports BleepingComputer.
According to cybersecurity company Sophos researchers, scammers are targeting victims on Facebook or Tinder and convincing them to download the fraudulent apps and "invest" large sums of money in assets that appear to be real.
The cybersecurity firm observed that the campaign was undertaken by a China-based threat group named "ShaZhuPan," which shows high organisational levels with distinct teams engaged in victim interactions, finance, franchise, and money laundering, according to the report.
The fraudsters appear to target male users over Facebook and Tinder using women's profiles with stolen images from other social media accounts.
Moreover, the report mentioned that the scammers after gaining the victims' trust, claim to have an uncle who works for a financial analysis firm and invite them to trade cryptocurrency through an app available on the Google Play or Apple App Store.
Sophos discovered malicious apps called "Ace Pro" and "MBM BitScan" on the Apple App Store, and "BitScan" on the Google Play Store, which was used in the campaign.
The apps let the victim withdraw small amounts of cryptocurrency initially but then lock their accounts when larger amounts are involved.
Furthermore, in order to gain access to the App Store, the ShaZhuPan gang submits an app signed with a valid Apple certificate, which is a requirement for any code to be accepted into the iOS repository.
Until the app receives approval, it connects to a harmless server and behaves normally, said the report.
When the app passes the review, the developer changes the domain and connects to a malicious server.
Upon launching the app, the victim sees a cryptocurrency trading interface delivered by the malicious server; however, everything displayed is fake, except for the user's deposit, the report added.
3 hours ago
IAF Rafales arrive in Australia for Pitch Black 2026 air combat exercise
3 hours ago
'Nobody gave us anything…': Messi slams critics after reaching WC final
3 hours ago
Hyderabad man stabbed multiple times over his religion in US mall, family seeks help
3 hours ago
US Citizenship and Immigration Services Rescinds 2022 Public Charge Regulation
3 hours ago
The Impact Pulse of Artificial Intelligence
3 hours ago
INS Sudarshini completes historic US voyage, showcases India’s maritime legacy at America’s 250th celebrations
3 hours ago
Trump targets illegal immigrant truck drivers
3 hours ago
US warns voter databases vulnerable to cyber attacks
3 hours ago
US Democrats reject Trump's election claims
3 hours ago
US spy agencies split over China election intel
3 hours ago
Trump accuses China of targeting US elections
3 hours ago
US envoy vows Cambodia scam crackdown
3 hours ago
China sought Trump's defeat, CIA files allege
