Crypto hackers targeting iPhone users: CryptoRom scam involves snagging victims through Bumble, Tinder, Grindr, apps

CryptoRom Cryptocurrency Hack iPhone US Europe Online Dating Apps
Beware of new Cryptocurrency scam targeting iPhone users. Pic credit: QuoteInspector.com/Flickr

An international cryptocurrency trading scam is now actively going after iPhone users. CryptoRom Scammers are hunting for victims on popular dating apps such as Bumble, Tinder, Grindr, etc.

A predominantly Asian scam has now expanded to the U.S. and Europe. Dubbed CryptoRom, the scam involves luring iPhone users into installing troublesome apps and then stealing cryptocurrency tokens or money stored inside a crypto wallet.

Fake iOS Cryptocurrency apps make nearly $1.4 Million worth of Bitcoin by targeting iPhone users in the U.S. and Europe:

Cyber security researchers have revealed an international cryptocurrency trading scam. Dubbed CryptoRom, the scam has at least one Bitcoin wallet which contains about $1.4 Million worth of tokens.

CryptoRom” relies heavily on social engineering at almost every stage. The detailed report that Sophos created, explains the inner working of the scam.

Speaking about the same, Jagadeesh Chandraiah, a senior threat researcher at Sophos, said: “The CryptoRom scam relies heavily on social engineering at almost every stage. First, the attackers post convincing fake profiles on legitimate dating sites. Once they’ve made contact with a target, the attackers suggest continuing the conversation on a messaging platform. They then try to persuade the target to install and invest in a fake cryptocurrency trading app.”

The scammers initially make some profit for the victim. Once convinced about the potential of the platforms, scammers ask victims to invest larger amounts, added Chandraiah:

“At first, the returns look very good but if the victim asks for their money back or tries to access the funds, they are refused and the money is lost. Our research shows that the attackers are making millions of dollars with this scam.”

Why are Apple iPhone users the primary target for the CryptoRom gang?

Sophos researchers have warned that the CryptoRom gang is leveraging “Enterprise Signature”. It is a system for software developers that helps organizations pre-test new iOS applications with selected iPhone users before they submit them to the official Apple App Store for review and approval.

CryptoROM Scam 01
Pic credit: Sophos

With such functionality, attackers can go after several iPhone users with their fake crypto-trading apps. Using weaponized software, crypto hackers can even gain remote management control over victims’ devices.

Needless to add, this means the attackers can potentially do way more than just steal cryptocurrency investments from victims. Some of the real threats involve stealing personal data, adding and removing accounts, and installing and managing apps for other malicious purposes.

CryptoROM Scam 2
Pic credit: Sophos

The iOS enterprise developer system has far more potential for causing damage if it is in the hands of the wrong people with malicious intent. For the time being, the only advice security researchers are advising is to only install apps from Apple’s App Store.

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x