• About
  • Advertise
  • Careers
  • Contact Us
Thursday, June 19, 2025
  • Login
No Result
View All Result
NEWSLETTER
Tech | Business | Economy
  • News
  • Tech
    • DisruptiveTECH
    • ConsumerTech
    • How To
    • TechTAINMENT
  • Business
    • Mobility
    • Environment
    • Travel
    • StartUPs
  • Economy
  • TECHECONOMY TV
  • TBS
  • About Us
  • Contact Us
  • Telecoms
  • News
  • Tech
    • DisruptiveTECH
    • ConsumerTech
    • How To
    • TechTAINMENT
  • Business
    • Mobility
    • Environment
    • Travel
    • StartUPs
  • Economy
  • TECHECONOMY TV
  • TBS
  • About Us
  • Contact Us
  • Telecoms
No Result
View All Result
Tech | Business | Economy
No Result
View All Result
ADVERTISEMENT
Home Business Security

Sophos Uncovers Fake Apps on Apple’s App Store Used by Cybercriminals for CryptoRom Schemes

by Joan Aimuengheuwa
February 1, 2023
in Security
0
Facebook Photos via CryptoRom
Facebook Photos via CryptoRom uncovered by Sophos

Facebook Photos via CryptoRom uncovered by Sophos

UBA
Advertisements

Sophos, a global leader in innovating and delivering cybersecurity as a service, today released new findings on CryptoRom scams—elaborate financial fraud schemes that prey on and trick dating app users into making fake cryptocurrency investments—in its latest report, “Fraudulent Trading Apps Sneak into Apple and Google App Stores.”

The Sophos report details the first fake CryptoRom apps —Ace Pro and MBM_BitScan— to successfully bypass Apple’s strict security protocols.

Previously, cybercriminals used workaround techniques to convince victims to download illegitimate iPhone apps that were not sanctioned by the Apple App Store.

How apps slid past review
Advertisements
MTN ADS
How apps slid past review

Sophos immediately notified Apple and Google; both have since removed the fraudulent apps from their respective stores.

“In general, it’s hard to get malware past the security review process in the Apple App Store. That’s why, when we originally began investigating CryptoRom scams targeting iOS users, the scammers would have to persuade users to first install a configuration profile before they could install the fake trading app. This obviously involves an additional level of social engineering—a level that’s hard to surmount. Many potential victims would be ‘alerted’ that something wasn’t right when they couldn’t directly download a supposedly legitimate app. By getting an application onto the

How apps slid past review
How apps slid past review

, the scammers have vastly increased their potential victim pool, particularly since most users inherently trust Apple,” said Jagadeesh Chandraiah, senior threat researcher, Sophos. “Both apps are also not affected by iOS’ new Lockdown mode, which prevents scammers from loading mobile profiles helpful for social engineering. In fact, these CryptoRom scammers may be shifting their tactics—i.e., focusing on bypassing the App Store review process—in light of the security features in Lockdown.”

Check-Ins CryptoRom
Check-Ins CryptoRom

To lure the victim who was conned with Ace Pro, for instance, the scammers created and actively maintained a fake Facebook profile and persona of a woman supposedly living a lavish lifestyle in London.

After building a rapport with the victim, the scammers suggested the victim download the fraudulent Ace Pro app and the cryptocurrency fraud unfolded from there.

Ace Pro is described in the app store as a QR code scanner but is a fraudulent crypto trading platform. Once opened, users see a trading interface where they can supposedly deposit and withdraw currency. However, any money deposited goes directly to the scammers.

In order to get past App Store security, Sophos believes the scammers had the app connect to a remote website with benign functionality when it was originally submitted for review.

The domain included code for QR scanning to make it look legitimate to app reviewers. However, once the app was approved, the scammers redirected the app to an Asian-registered domain. This domain sends a request that responds with content from another host that ultimately delivers the fake trading interface.

MBM_BitScan is also an app for Android, but it is known as BitScan on Google Play. The two apps communicate with the same Command and Control (C2) infrastructure; this C2 infrastructure then communicates with a server that resembles a legitimate Japanese crypto firm. Everything else that is malicious is handled in a web interface, which is why it is hard for Google Play’s code reviewers to detect it as fraudulent.

CryptoRom, a subset of family of scams known as sha zhu pan (杀猪盘)—literally “pig butchering plate”—is a well-organized, syndicated scam operation that uses a combination of romance-centered social engineering and fraudulent crypto trading applications and websites to lure victims and steal their money after gaining their confidence. Sophos has been tracking and reporting on these scams that reap millions of dollars for two years.

Learn more about the criminals behind the CryptoRom rings and these fraudulent apps in “Fraudulent CryptoRom Trading Apps Sneak into Apple and Google App Stores” on Sophos.com.

Loading

Author

  • Joan Aimuengheuwa
    Joan Aimuengheuwa

    Joan thrives at helping individuals and businesses scale via storytelling...

    View all posts
0Shares
Tags: Ace ProApp StoreCryptoRomJagadeesh Chandraiah
Joan Aimuengheuwa

Joan Aimuengheuwa

Joan thrives at helping individuals and businesses scale via storytelling...

Next Post
University of Ottawa (Canada) Brings Scholarship Nigerian Graduates

University of Ottawa (Canada) Brings Scholarship Nigerian Graduates

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Recommended

Pantami Insists on Paradigm Shift from Paper to Knowledge-based Qualifications

3 years ago
IoT Device Management Market

IoT Device Management Market to hit US$11 Bn by 2028

2 years ago

Popular News

    Connect with us

    • About
    • Advertise
    • Careers
    • Contact Us

    © 2025 TECHECONOMY.

    No Result
    View All Result
    • News
    • Tech
      • DisruptiveTECH
      • ConsumerTech
      • How To
      • TechTAINMENT
    • Business
      • Mobility
      • Environment
      • Travel
      • StartUPs
    • Economy
    • TECHECONOMY TV
    • TBS
    • About Us
    • Contact Us

    © 2025 TECHECONOMY.

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In
    Translate »
    This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.