CryptoRom scams are the latest when it comes to financial fraud schemes tricking app users into handing over their cash. Now a new report from cybersecurity solutions provider Sophos finds that fake CryptoRom apps managed to bypass Apple’s security protocols on the App Store.
Fraudulent apps defeating Apple’s and Google’s app-store security process
Sophos recently unearthed two CryptoRom apps, so-called because they prey on and trick dating app users into making fake cryptocurrency investments. The apps bypassed strict security protocols on app stores. Previously cybercriminals used workaround techniques to convince victims to download illegitimate apps that weren’t sanctioned by Google or Apple.
The Ace Pro and MBM_BitScan apps, however, approached victims through dating applications. Then they asked them to move their conversations to WhatsApp where users were lured into downloading the apps.
Ace Pro app on the App Store
Source: Sophos
Apple and Google have been notified about these apps and promptly removed them from their app stores.
Fake apps on the App Store
“In general, it’s hard to get malware past the security review process in the Apple App Store. That’s why, when we originally began investigating CryptoRom scams targeting iOS users, the scammers would have to persuade users to first install a configuration profile before they could install the fake trading app,” explains Jagadeesh Chandraiah, senior threat researcher, Sophos.
Because users tend to trust Apple, scammers who get onto the App Store manage to vastly increase their pool of potential victims.
Ace Pro, for example, is described as a QR code scanner on the App Store. But it’s actually a fraudulent crypto trading platform. Once opened, users see a trading interface to deposit and withdraw currency, but the cash goes directly to the scammers.
How CryptoRom apps are getting past Apple’s store review
Source: Sophos
Sophos believes that apps such as Ace Pro have managed to get around App Store security by connecting the app to a remote website with benign functionality when it was submitted for review. Once approved, the app was redirected to an Asian-registered domain that sends a request to respond with content and delivers the fake trading interface.
It’s an elaborate scheme that highlights just how inventive scammers are becoming to evade App Store security features.
Key takeaways
- CryptoRom apps bypass the security of Apple and Google app stores
- Ace Pro and MBM_BitScan apps approached victims through dating applications and asked them to move their conversations to WhatsApp
- Apple and Google have removed these apps
The post Fraudulent CryptoRom apps bypass Apple and Google app store security appeared first on Business of Apps.
source https://www.businessofapps.com/news/fraudulent-cryptorom-apps-bypass-apple-and-google-app-store-security/
