As the scope and scale of cryptocurrency for investors continues to expand globally, hackers are also expanding the scope of their attacks. Now, they are luring crypto users with Apple iPhones through popular dating apps like Bumble and Tinder across Asia, the US and Europe. Cybersecurity firm Sophos recently said it had uncovered an attacker-controlled Bitcoin wallet containing nearly $1.4 million in cryptocurrency, allegedly collected by victims of an international cryptocurrency trading scam. The threat, which Sophos researchers dubbed CryptoRom, relied heavily on “social engineering.”
The CryptoRom scam relies heavily on social engineering at almost every stage. First, attackers spread disguised fake profiles on legitimate dating sites. Once a contact is made with a target, the attackers suggest continuing the conversation on the messaging platform. Jagadeesh Chandraiah, a senior threat researcher at Sophos, said that they are then trying to convince the target to install and invest in the fake cryptocurrency trading app.
While the returns look very good at first, if the victim asks for a refund or tries to access the funds, they will be denied and the money is lost. Chandria said our research shows that attackers are making millions of dollars through this scam.
“The digital form of cryptocurrency makes it inherently decentralized and without any regulations, it has become the currency of choice for cybercriminals. It has fueled and enabled an economy with billions of ransomware, online extortion and impersonation. These attacks target not only private companies, but also critical infrastructure, so they constitute A growing national security risk Murali Urs, India’s director of state, Barracuda Networks, told Financial Express Online that recent high-profile attacks on institutions such as Colonial Pipeline and JBS in the US are likely to draw more attention to government intervention and bitcoin regulation.
ALSO READ: Crypto mcap total exceeds $2.5 trillion again amid growing investor interest after five months of struggle
Barracuda researchers, who provide cloud-enabled security solutions, analyzed phishing spoofs and business email hack attacks sent between October 2020 and May 2021, and determined that the rising price of Bitcoin led to an increase in the volume of crypto-related attacks. .
In accessing users’ iPhones, spammers take advantage of Enterprise Signature – a developer platform that helps companies pre-test new iOS apps with select iPhone users before submitting them to Apple’s official App Store for review and approval. According to Sophos, through the functionality of the Enterprise Signature system, attackers can target larger groups of iPhone users with their fake crypto-trading apps and gain remote administrative control of their devices.
“This means that attackers can do more than just steal cryptocurrency investments from victims. They can also, for example, collect personal data, add and remove accounts, install and manage apps for other malicious purposes.”