You have heard of romance scams and unsuspecting people falling victim to them. Now get ready for this new twist to the same old romance scam with quite a bit of crypto sprinkling. Cryptocurrency scammers are abusing Apple’s Enterprise Developer Program to get targets to install absolutely fake apps in their iPhones. They have managed to rake in almost $1.4 million from the scam, as per the analysis of a bitcoin wallet owned by them.

Diving into details

  • The scam, dubbed CryptoRom by Sophos researchers, has targeted victims across Asia, the U.S., and Europe.
  • The criminals are using dating apps such as Tinder, Bumble, and Grindr to form friendships with the victims.
  • After building trust with the victim, the conversation is moved to a messaging app. The attackers subsequently attempt to persuade the victims into installing a bogus trading app.
  • In addition to this, the scammers convince the victims to invest in the app, eventually stealing the funds.

Why this matters

These findings highlight how fraudsters are targeting iOS users via Apple’s distribution technique through operations termed Super Signature services. The researchers, moreover, observed malicious apps linked to these frauds, which leverage configuration profiles exploiting Apple’s Enterprise Signature distribution scheme. This distribution scheme can be utilized to propagate apps without App Store reviews. As apps signed with Enterprise certificates should be distributed within an organization and not among customers, it is not required for them to be submitted to the App Store for review.

Another scam

  • Another crypto romance scam—Yahoo-Yahoo—has been ongoing in Nigeria since January.
  • The FBI IC3 received over 1,800 complaints, leading to a loss of approximately $133,400,000 between January 1 and July 31.
  • Even in this scam, the fraudster directs the victim to a fraudulent website and convinces them to invest in it.

The bottom line

Just like Google Play Store, Apple App Store is not immune to malware, fleeceware, and other malicious apps. However, Sophos researchers have pointed out that counterfeit crypto trading apps rarely make it through. Thus, attackers have come up with this novel technique that targets vulnerable iPhone users. The cryptocurrency space lacks oversight from law enforcement, which draws cybercriminals to devise malicious schemes.

Cyware Publisher