Security experts have made a troubling discovery – the first “cryptorom” scam applications that have managed to slip through Apple’s stringent App Store vetting process. The two apps in question, Ace Pro and MBM_BitScan, were also found on Google Play, but it is their presence on the usually secure App Store that is causing concern.
These apps have even managed to bypass Apple’s Lockdown mode, which is specifically designed to protect users from sophisticated social engineering tactics. According to Sophos, a leading cybersecurity company, the apps found a way around Apple’s security measures.
Sophos senior threat researcher, Jagadeesh Chandraiah, explained, “In general, it’s hard to get malware past the security review process in the Apple App Store. That’s why, when we originally began investigating cryptorom scams targeting iOS users, the scammers would have to persuade users to first install a configuration profile before they could install the fake trading app.”
The modus operandi of cryptorom scams typically starts on dating sites, where scammers create fake profiles to lure victims. They then build a relationship with their victims through messaging apps and convince them to download the scam app for crypto trading. In the case of Ace Pro, scammers went as far as creating a fake Facebook profile of a woman living a luxurious lifestyle in London to deceive users.
The malicious developers behind these scam apps likely connected them to a benign website during the App Store review process. Once the apps were approved, they redirected users to a fake trading interface linked to an Asia-registered domain. Both Ace Pro and MBM_BitScan were found to connect to the same command-and-control infrastructure, which masqueraded as a legitimate Japanese crypto firm.
Cryptorom scams are a form of “pig butchering” fraud, a technique that combines romance-based social engineering with fraudulent crypto-trading apps. This sophisticated scam poses a significant threat to unsuspecting users who trust the security of the App Store.
The discovery of these cryptorom scam apps highlights the evolving tactics used by cybercriminals to infiltrate secure platforms. Users are advised to exercise caution when downloading apps, even from trusted sources like the App Store. Stay vigilant and verify the legitimacy of apps before installing them to protect yourself from falling victim to scams.