Cyberspace is a complex platform, defined by anonymity and driven by technical and legal loopholes. As cybersecurity agencies struggle to keep pace with the volume and ever-changing variants of cybercrime, hackers find new ways of appearing authentic and trustworthy.
In one of the latest developments, cybersecurity researchers have identified as many as 167 counterfeit Android and iOS apps that are being used by hackers to steal money from people.
The modus operandi
Researchers at cybersecurity firm Sophos investigated the fake apps in question and found a curious similarity among them: many were very similar apps for financial trading, banking or cryptocurrency. The hackers approached potential targets through dating sites and then lured them into installing these fake money-stealing apps. The apps were disguised as popular brands such as Barclays, Binance, TDBank and BitCoinHK.
Some apps even had an embedded customer support 'chat' option. When the investigators tried communicating with the support teams through the chat option, many of the responses were also near identical.
The researchers also uncovered a single server loaded with these 167 fake trading and cryptocurrency apps. This also means that one gang or group is behind the entire scam.
Sophos found out about these fake apps while investigating a fraudulent mobile trading app that masqueraded as one tied to a well-known trading company in Asia, Goldenway Group.
What the investigators say
The report by Sophos also describes in detail the harrowing account of one of the cybercrime victims who fell prey to one such scam. "The fake applications we uncovered impersonate popular and trusted financial apps from all over the world, while the dating site sting begins with a friendly exchange of messages to build trust before the target is asked to install a fake app. Such tactics make the fraud seem very believable," explained Jagadeesh Chandraiah, a senior threat researcher at Sophos.
In one of the schemes investigated in detail, the scammers set up a profile and befriended users through a dating app. Once messages had been exchanged, individual targets were lured into installing apps and adding money and cryptocurrency to a fake app. If targets later tried to withdraw funds or close the account, the attackers simply blocked their access.
What is the way out?
The operators did not stop at Android: they also set up a fake "iOS App store" download page featuring fake customer reviews, in order to appear convincing and make targets believe they were installing an app from the genuine App Store. "To avoid falling prey to such malicious apps, users should only install apps from trusted sources such as Google Play and Apple's app store," Sophos advised.