Fake Apps Masked as Cryptocurrency 361n3y Trading, Banking Apps Duping iOS, Android Customers: Sophos

Counterfeit apps are impersonating major financial firms and popular cryptocurrency trading platforms, including Barclays, Gemini, Bitwala, Kraken, Binance, BitcoinHK, Bittrex, BitFlyer, and TDBank. 6v3uk

By Tasneem Akolawala | Updated: 14 May 2021 14:24 IST

Fake Apps Masked as Cryptocurrency, Trading, Banking Apps Duping iOS, Android Customers: Sophos

Photo Credit: Sophos 3b35s

Links to both iOS and Android platforms for these fake apps are made available

Highlights

To by App Store, scammers exploit Apple’s a Super Signature process
Sophos found this issue while investigating fake app of Goldenway Group
Schemes to these fake apps are leveraged through dating sites

ment

Several counterfeit versions of popular cryptocurrency trading, stock trading and banking apps have been discovered by Sophos on iOS and Android platforms, designed to steal sensitive information. All those who these fake apps can be potential victims of data theft. Counterfeit apps are impersonating major financial firms and popular cryptocurrency trading platforms, including Barclays, Gemini, Bitwala, Kraken, Binance, BitcoinHK, Bittrex, BitFlyer, and TDBank. Sophos found these fake apps while looking into a fraudulent mobile trading app that masqueraded as one tied to a well-known Asia-based trading company, Goldenway Group.

Sophos Android apps depending on the device used, the report by Sophos notes.

The report details one victim's misery wherein he touched base with the scammers through social media and a dating site. The scammers befriended the victim and shifted communications to a messaging app. They avoid requests for face-to-face meetings, citing the COVID-19 pandemic. After gaining trust, they then convinced the victim to a cryptocurrency trading app, sending the victim a link. They even walked the victim through the installation process and encouraged him to buy cryptocurrency and transfer it into their wallet. After the transfer was made, the scammers blocked the victim's and ended communication.

Apple’s Find My Network Could Be Exploited to Broadcast Text Messages

The fake app that the victim was tricked to was an impersonation of the Hong Kong-based trading and investment company called Goldenway Group. The company is aware of this scam and even has posted a warning on the company's actual website with an alert about fraudsters scamming s with a similar named site and asks its s to steer clear of such apps.

To by the App Store, scammers use third-party services to deploy what's known as a Super Signature process. This allows app developers to use Apple's ad-hoc application distribution method to deliver applications to iOS devices—a process intended to allow developers to distribute apps directly to a limited number of devices for testing. However, it is being abused by malicious pp developers. Scammers even used the Web Clips technique to dupe iPhone customers.

Beware: A Malicious COVID-19 Vaccine SMS Message Is in Circulation

To avoid falling prey to such malicious apps, practice the following guidelines.

s should only install apps from trusted sources such as Google Play and Apple's App Store.
Developers of popular apps often have a website, which directs the s to the genuine app.
s should if the app was developed by its genuine developer.
Install an antivirus app on your mobile device.

Comments

For the latest reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.