The apps are disguised as financial trading, banking, and cryptocurrency apps from well-known and trusted organizations.

Dark Reading Staff, Dark Reading

May 13, 2021

2 Min Read

Researchers have discovered 167 counterfeit iOS and Android apps stealing money from victims while disguised as popular cryptocurrency trading, stock trading, and banking apps.

The Sophos team was asked to investigate an application by someone who was a victim of a scam that started on a social media and dating website. The fraudsters tricked their target into installing a cryptocurrency trading app by sending them a link that impersonated a Hong Kong-based trading and investment firm called GoldenWay. iOS and Android options were available.

After installation, they urged the victim to purchase cryptocurrency and transfer it into their wallet; however, they blocked the victim's account when they requested to transfer the funds.

Researchers investigating this incident found hundreds of fake trading apps — each disguised as the official trading app of a financial organization — distributed using the same infrastructure.

In some cases, the schemes to distribute apps use social engineering through dating websites as well as websites spoofing actual companies. These websites brought victims to third-party sites delivering iOS mobile apps via configuration management schemes, iOS mobile device management payloads carrying "Web Clips," or Android apps, depending on the device. Attackers had unique ways of bypassing the Apple App Store and Google Play; researchers explain the technical details in a blog post.

It's believed these fraudulent applications are designed to exploit a growing interest in trading apps, driven by the recent increase in the value of cryptocurrencies and interest in low-cost or free stock trading.

Read the full report for more information.

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights