Top
Begin typing your search above and press return to search.
exit_to_app
Made in China
access_time 2021-06-19T11:20:18+05:30
Whither our country?
access_time 2021-06-19T08:57:01+05:30
Covid: children must be given special care
access_time 2021-06-19T09:04:17+05:30
A state machinery, intimidating and silencing
access_time 2021-06-18T10:43:30+05:30
A judgement raising hopes
access_time 2021-06-17T11:32:00+05:30
DEEP READ
Citizenship questions at the doorstep
access_time 2021-06-13T22:58:07+05:30
Why Eid celebration is so important to Muslims
access_time 2021-05-13T12:57:08+05:30
Who can save Congress from redundancy?
access_time 2021-05-10T13:19:13+05:30
Iran and the revival of JCPOA
access_time 2021-04-23T13:21:09+05:30
exit_to_app
Homechevron_rightTechnologychevron_rightResearchers unearth...

Researchers unearth 167 fake iOS & Android trading apps

text_fields
bookmark_border
Researchers unearth 167 fake iOS & Android trading apps
cancel

New Delhi: Researchers at cyber-security firm Sophos has discovered 167 counterfeit iOS and Android apps stealing money from victims while disguised as popular cryptocurrency trading, stock trading, and banking apps.

The researchers investigated the fake apps and found that many were very similar. According to reports, the attackers targeted users through dating sites and lured victims into installing money-stealing apps disguised as popular brands.

The Sophos team was asked to investigate an application by someone who was a victim of a scam that started on a social media and dating website. The fraudsters tricked their target into installing a cryptocurrency trading app by sending them a link that impersonated a Hong Kong-based trading and investment firm called GoldenWay. iOS and Android options were available.

After installation, they urged the victim to purchase cryptocurrency and transfer it into their wallet; however, they blocked the victim's account when they requested to transfer the funds.

Some apps included an embedded customer support "chat" option. When researchers tried to communicate with the support teams using the chat, the replies they received used near-identical language.

The researchers also uncovered a single server loaded with 167 fake trading and cryptocurrency apps.

Taken together, this suggests that the scams could all be operated by the same group.

"The fake applications we uncovered impersonate popular and trusted financial apps from all over the world, while the dating site sting begins with a friendly exchange of messages to build trust before the target is asked to install a fake app. Such tactics make the fraud seem very believable," explained Jagadeesh Chandraiah, a senior threat researcher at Sophos.

If targets later tried to withdraw funds or close the account, the attackers simply blocked their access.

In other cases, targets were caught through websites designed to resemble that of a trusted brand, such as a bank.

The operators even set up a fake "iOS App Store" download page featuring fake customer reviews to convince targets they were installing an app from the genuine App Store.

"To avoid falling prey to such malicious apps, users should only install apps from trusted sources such as Google Play and Apple's app store," Sophos advised.

Show Full Article
TAGS:Cyber scam Fake trading apps 
Next Story