Romance scammers exploit Apple's developer program to spread fake cryptocurrency apps

Written by
Oct 13, 2021 | CYBERSCOOP

Fraudsters are using the promise of love to lure victims into downloading fake cryptocurrency trading apps and then stealing their funds, researchers at Sophos report.

The ongoing campaign, which researchers have dubbed “CryptoRom,” has targeted victims across Europe, the U.S. and Asia. In these scams, scammers use dating apps like Bumble, Tinder, and Grindr to build trust with a victim. They then move the conversation to a messaging app, where they ask victims to install a fake trading app.

Fraudsters convince victims to invest in the app, ultimately stealing the funds. Thieves have managed to swipe nearly $1.4 million with the ruse, according to an analysis of a bitcoin wallet one of the scammers used. Some 23,000 victims of romance scams reported more than $605 million in losses to the FBI in 2020.

The new findings underscore how fraudsters are turning to Apple’s developer programs in an attempt to evade the company’s policies against sideloading apps. To cut down on users downloading malicious apps, Apple only allows users to download apps from its official App Store. Attackers have found a way around this by using Apple’s program that allows developers

Read More: