Sign in
Download Opera News App

News Society

 

Crime Justice

 

Fraud

Beware Of DMs crypto scam

Scammers are taking over iPhones using a new hack.

A new iPhone fraud takes advantage of social engineering to steal millions of dollars from users of dating apps like Bumble and Tinder, as well as a system that assists developers in creating new iOS apps.

The scheme was called "CryptoRom" by cyber security firm Sophos, whose analysts discovered a $1.4 million bitcoin wallet where the attackers were funneling their victims' money.

According to Sophos, the scammers have developed the capacity to remotely take control of victim iPhones using a variant of the CryptoRom assault called "Enterprise Signature." This is a technique that allows businesses to test new iPhone applications with a select group of users before submitting them to the Apple App Store.

“Attackers can target larger groups of iPhone users with their bogus crypto-trading apps and get remote management control over their devices using the Enterprise Signature system's functionality,” Sophos warned in a statement.

"This indicates that the attackers may be able to do more than merely take victims' cryptocurrency assets. For example, they could acquire personal information, create and delete accounts, and install and manage apps for harmful purposes."

According to Sophos, the scam began in Asia and has since spread to the United States and Europe via Bumble and Tinder.

Jagadeesh Chandraiah, the company's lead security researcher, said the danger relies heavily on social engineering at practically every stage.

"First, the perpetrators create convincing false profiles on reputable dating websites. The attackers propose extending the conversation on a messaging platform once they've made contact with a target," Chandraiah added.

"After that, they try to persuade the target to download and invest in a phony bitcoin trading software." The profits appear to be quite good at first, but when the victim asks for their money back or tries to access the funds, they are turned down, and the funds are gone. According to our study, the scammers are making millions of dollars with this scheme."

Scammers used to distribute fraudulent crypto currency trading apps using false websites that looked like a trusted bank or the Apple App Store, according to Chandraiah.

"The addition of the iOS enterprise developer system increases the risk for victims since they may be turning over control of their device and the potential to steal their personal data to attackers," he warned.

"Iphone users should only install apps from Apple's App Store to prevent falling victim to these types of frauds." The golden rule is to avoid anything that appears unsafe or too good to be true, such as someone you don't know informing you about a "wonderful" internet investment program that would make you a lot of money.

Content created and supplied by: Newsflash (via Opera News )

DMs Sophos iOS iPhone iPhones

COMMENTS

Load app to read more comments