 "Hackers stealing money via 167 fake trading, crypto apps on Android, iOS")
Cyber-security researchers have identified a stash of 167 counterfeit Android and iOS apps being used by hackers to steal money from people who believe they have installed a financial trading, banking or cryptocurrency app from a trusted organisation.
Researchers at cyber-security firm Sophos investigated the fake apps and found that many were very similar. The attackers targeted users through dating sites and lured victims into installing money-stealing apps disguised as popular brands.
Some apps included an embedded customer support "chat" option. When researchers tried to communicate with the support teams using the chat, the replies they received used near-identical language.
The researchers also uncovered a single server loaded with 167 fake trading and cryptocurrency apps.
Taken together, this suggests that the scams could all be operated by the same group.
"The fake applications we uncovered impersonate popular and trusted financial apps from all over the world, while the dating site sting begins with a friendly exchange of messages to build trust before the target is asked to install a fake app. Such tactics make the fraud seem very believable," explained Jagadeesh Chandraiah, senior threat researcher at Sophos.
In one of the schemes investigated, the scammers befriended users via a dating app, setting up a profile and exchanging messages with individual targets before attempting to lure them into installing and adding money and cryptocurrency to a fake app.
If targets later tried to withdraw funds or close the account, the attackers simply blocked their access.
In other cases, targets were caught through websites designed to resemble that of a trusted brand, such as a bank.
The operators even set up a fake "iOS App Store" download page featuring fake customer reviews in order to convince targets they were installing an app from the genuine App Store.
"To avoid falling prey to such malicious apps, users should only install apps from trusted sources such as Google Play and Apple's app store," Sophos advised.
--IANS
na/
(Only the headline and picture of this report may have been reworked by the Business Standard staff; the rest of the content is auto-generated from a syndicated feed.)
You’ve reached your limit of {{free_limit}} free articles this month.
Subscribe now for unlimited access.
Already subscribed? Log in
Subscribe to read the full story →
Smart Quarterly
₹900
3 Months
₹300/Month
Smart Essential
₹2,700
1 Year
₹225/Month
Super Saver
₹3,900
2 Years
₹162/Month
Renews automatically, cancel anytime
Here’s what’s included in our digital subscription plans
Exclusive premium stories online
Over 30 premium stories daily, handpicked by our editors
Complimentary Access to The New York Times
News, Games, Cooking, Audio, Wirecutter & The Athletic
Business Standard Epaper
Digital replica of our daily newspaper — with options to read, save, and share
Curated Newsletters
Insights on markets, finance, politics, tech, and more delivered to your inbox
Market Analysis & Investment Insights
In-depth market analysis & insights with access to The Smart Investor
Archives
Repository of articles and publications dating back to 1997
Ad-free Reading
Uninterrupted reading experience with no advertisements
Seamless Access Across All Devices
Access Business Standard across devices — mobile, tablet, or PC, via web or app