“CryptoRom” is what analysts at Sophos, a cybersecurity company, called the cryptocurrency scam campaign carried out from applications such as Tinder, Grindr and Bumble, in a report published Wednesday. It would have earned 1.4 million euros for cybercriminals and mainly affected iPhone users.
Victims recorded in France
Concretely, malicious actors come into contact with the victim via these popular dating apps. After an initial discussion, the scammer tries to switch the exchange to a popular messaging service like WhatsApp or others. Once trust has been established, the hackers then suggest that the target install a cryptocurrency investment application.
So far nothing but very classic but then things become more complex. So, as explainedThe World, Apple protects users by limiting the risks of installing applications containing a virus, in particular through App Store authorization programs.
Except that hackers used several methods to break this protection. The apps were thus recognized by iOS and installed on the victims' iPhones. Among the methods used, we find in particular Super Signature, which makes it possible to exploit “and hijack an application testing program offered by Apple, to allow the installation of unverified software on a small number of devices», specify our colleagues.
Once the app is installed, it is extremely effective. It looks exactly like trading software. The target is encouraged to make their first payment and quickly recovers a profit that they can cash in on. With confidence, she reinvested substantial sums of which she would never see the color again.
Among the victims identified by Sophos experts, many countries are affected, including France, Hungary, and the United Kingdom, not forgetting the United States.
i-nfo.fr - Official iPhon.fr app
By : Keleops AG
