‘CryptoRom’ Crypto-Scam is Back via Side-Loaded Apps

Scammers are bypassing Apple’s App Store security, stealing thousands of dollars’ worth of cryptocurrency from the unwitting, using the TestFlight and WebClips programs.

For about a year now, crypto-traders and lovelorn singles alike have been losing their money to CryptoRom, a malware campaign that combines catfishing with crypto-scamming.

According to research from Sophos, CryptoRom’s perpetrators have now improved their techniques. They’re leveraging new iOS features – TestFlight and WebClips – to get fake apps onto victims’ phones without being subject to the rigorous app store approval process.

Successful CryptoRom scams have resulted in five-, six- and even seven-figure losses for victims.

What is CryptoRom?

We do silly things when we’re in love. In fact, scientifically speaking, our inhibitions and decision-making capabilities become impaired in the face of romance and sexual arousal.

Perhaps that’s why hackers have been so successful in targeting dating apps over the years. Last year, the Federal Trade Commission reported that “romance scams” cost U.S. citizens over 300 million dollars in 2020, up 50 percent from 2019.

Capitalizing on this trend, last year a new and well-coordinated campaign began targeting users of dating apps like Bumble, Tinder and Grindr. According

Read More: https://threatpost.com/cryptorom-crypto-scam-side-loaded-apple-apps/178942/