Disclaimer: We may earn a commission if you make any purchase by clicking our links. Please see our detailed guide here.

Follow us on:

Hackers Stealing Money from People Via 167 Fake Android, iOS Apps

IANS
IANS
Lorem Ipsum is simply dummy text of the printing and typesetting industry. Lorem Ipsum has been the industry's standard dummy text ever since the 1500s, when an unknown printer took a galley of type and scrambled it to make a type specimen book.

Join the Opinion Leaders Network

Join the Techgenyz Opinion Leaders Network today and become part of a vibrant community of change-makers. Together, we can create a brighter future by shaping opinions, driving conversations, and transforming ideas into reality.

Cyber-security researchers have identified a stash of 167 counterfeit Android and iOS apps used by hackers to steal money from people who believe they have installed a trusted organization’s financial trading, banking, or cryptocurrency app.

Researchers at cyber-security firm Sophos investigated the fake apps and found that many were very similar. The attackers targeted users through dating sites and lured victims into installing money-stealing apps disguised as popular brands.

Some apps included an embedded customer support “chat” option. When researchers tried to communicate with the support teams using the chat, the replies they received used near-identical language.

The researchers also uncovered a single server loaded with 167 fake trading and cryptocurrency apps.

Taken together, this suggests that the scams could all be operated by the same group.

“The fake applications we uncovered impersonate popular and trusted financial apps from all over the world, while the dating site sting begins with a friendly exchange of messages to build trust before the target is asked to install a fake app. Such tactics make the fraud seem very believable,” explained Jagadeesh Chandraiah, a senior threat researcher at Sophos.

In one of the schemes investigated, the scammers befriended users via a dating app, setting up a profile and exchanging messages with individual targets before attempting to lure them into installing and adding money and cryptocurrency to a fake app.

If targets later tried to withdraw funds or close the account, the attackers simply blocked their access.

In other cases, targets were caught through websites designed to resemble that of a trusted brand, such as a bank.

The operators even set up a fake “iOS App Store” download page featuring fake customer reviews in order to convince targets they were installing an app from the genuine App Store.

“To avoid falling prey to such malicious apps, users should only install apps from trusted sources such as Google Play and Apple’s app store,” Sophos advised.

Partner With Us

Digital advertising offers a way for your business to reach out and make much-needed connections with your audience in a meaningful way. Advertising on Techgenyz will help you build brand awareness, increase website traffic, generate qualified leads, and grow your business.

Join 10,000+ Fellow Readers

Get Techgenyz’s roundup delivered to your inbox curated with the most important for you that keeps you updated about the future tech, mobile, space, gaming, business and more.

Recomended

Find Apps

The Ultimate Hub for Discovering Apps Unlock a world of apps: your ultimate hub for exploring and discovering limitless possibilities for on your every needs.

Power Your Business

Solutions you need to super charge your business and drive growth

More from this topic