CryptoRom iPhone scam nets over $1.4m

A cyber criminal group called CryptoRom is targeting iPhone users through popular dating apps such as Bumble and Tinder to steal crypto-currency and gain control of their handsets.

This was revealed in a report by security giant Sophos, which claims the group’s operations are escalating. The attackers have expanded from targeting people in Asia to include people in the US and Europe, who have been hit to the tune of at least $1.4 million.

Jagadeesh Chandraiah, senior threat researcher at Sophos, says this particular scam depends heavily on social engineering at practically every turn.

Initially, the bad actors post seemingly legitimate fake profiles on popular dating sites. Once they’ve made contact with an intended target, they suggest carrying on the conversation on a messaging platform.

“They then try to persuade the target to install and invest in a fake crypto-currency trading app. At first, the returns look very good but if the victim asks for their money back or tries to access the funds, they are refused and the money is lost. Our research shows that the attackers are making millions of dollars with this scam.”

Gaining access

Over and above stealing cash, the hackers can also gain access to victims’ iPhones.

This version of the attack sees attackers employing “Enterprise Signature,” a system for software developers that helps businesses to pre-test new iOS applications with chosen iPhone users before they are submitted to the official Apple App Store for review and approval.

Chandraiah says the Enterprise Signature system’s functionality enables threat actors to target larger groups of iPhone users with their illegitimate crypto-trading apps and gain remote management control over their handsets.

This control, says Sophos, could enable the crooks to collect personal data, add and remove accounts, and install and manage apps for other acts of malfeasance.

He says that, until recently, the group distributed the fake crypto apps mostly through fake Web sites that appeared to belong to a trusted bank or the Apple App Store.

“The addition of the iOS enterprise developer system introduces further risk for victims because they could be handing the attackers the rights to their device and the ability to steal their personal data.”

To avoid falling victim to these types of scams, Chandraiah says iPhone users should only install apps from Apple’s official App Store, adding that if something seems too good to be true, it probably is, such as a practical stranger giving a golden tip on some purportedly amazing online investment scheme that will deliver a big payout.

Sophos recommends that users install a security solution on their mobile devices to protect iOS and Android devices from cyber threats.
