Cryptocurrency theft scam deceives iPhone dating app users

If you’re looking for love through apps on your iPhone, like Tinder, you better be careful. Sophos researchers have discovered a cryptocurrency exchange scam that targets the user of these programs.

  • NFTs Market fixes the flaw that allowed the theft of cryptocurrencies
  • 1024% of professionals do not believe that colleagues will know how to avoid digital scams
  • 7 out of each Brazilians get information through social networks — and this affects security

The scheme was named CryptoRom by the researchers. According to the report, a digital wallet associated with the scam already has more than US$1.4 million (about R$7.7 million at current prices) in different cryptocurrencies, with that amount most likely coming from victims of the scam.

The scammers responsible for CryptoRom, according to Jagadeesh Chandraiah, senior threat researcher at Sophos, use social engineering tactics in almost every step of the coup. First, criminals create fake profiles on online dating sites or apps. After they have made their first contact with a target, fraudsters suggest continuing the conversation on another messaging platform.

Want to catch up on the best tech news of the day? Go and subscribe to our new channel on youtube, Canaltech News.

Every day a summary of the main news in the tech world for you!

The various steps of CryptoRom scams. (Image: Reproduction/Sophos)

The conversation on this new messenger, however, does not meet the expectations of most users of online dating platforms, with the scammer trying to convince the would-be victim that he will profit greatly if he invests and installs a fake cryptocurrency transaction application. Although the returns shown by the criminal at first look good, after the first investments occur, those affected by the scam quickly realize that they have been cheated, as they cannot see the amount invested or recover the money.

Control of the victim’s iPhone

The research also indicates that in addition to the financial scam, some CryptoRom variants may also gain access to their victims’ iPhone information. According to the Sophos report, this invasion is carried out through the use of Enterprise Signature, a system used by application developers that facilitates the testing of new programs on iPhones, as it allows the installation of these apps without them going through the process of Apple approval.

“Until recently, criminals distributed their fake apps from fake websites that looked like Apple’s App Store. Now, with the addition of methods that make use of tools for iOS developers, the risk is even greater, with victims being able to unknowingly give scammers full access to information from their iPhones.” says Jagadeesh Chandraiah.

For Sophos researchers, the way to mitigate threats like CryptoRom is with Apple issuing alerts to its users about the installation of applications by environments other than the one from App Store, noting that these programs have not been evaluated by the company and may be unsafe. In addition, the Sophos report also states that the lack of regulation in the cryptocurrency market is a problem, as it allows criminals to apply these scams without having to justify themselves to income control agencies, for example.

Source: Sophos, BetaNews

Did you like this article?

Subscribe your email on Canaltech to receive daily updates with the latest news from the world of technology.

1024 1024

1024

Related Articles

Back to top button