UK-based cybersecurity firm Sophos has tracked down 167 fake applications that impersonated popular financial trading applications to scam victims out of their money. These apps operated on both Android and iOS devices. The fake applications were meticulously crafted to resemble known trading applications like Kraken, Goldenway and Bittrex.
Sophos began investigating the apps after receiving a tip from one of the victims of the scam. The scammers established initial contact with their victims through social media or online dating websites. After befriending the victim and chatting with them on a messaging platform, the scammers would ask them to download a trading app from a link they would provide. Without the knowledge of the victim, the link would lead them to download a counterfeit application that only resembled a legitimate trading application.
To circumvent the security and fraud detection systems employed by Google’s Play Store and Apple’s App Store, the scammers’ link would lead to a website that very closely resembled that of the legitimate application vendor and even included fake reviews to further convince the victims. Unlike Android devices, which place few restrictions on downloading and installing applications from online sources other than the Play Store, Apple devices have security measures that prevent installing applications this way. To install the malware on a victim’s iOS device, the scammers used a super signature process to circumvent the need for the App Store.
Once the victims had installed the fake application and registered on it, the scammers would convince them to make transactions in the app. The money from these transactions went to the scammers, while the victims believed they were transacting on a legitimate trading application.
Sophos also discovered that the fake applications had a functioning customer support chat, which gave the impression that the application was a real trading platform. The chat responses were similar across the many fake applications, hinting at a single entity committing the fraud. The customer support chat in the different apps would give different recipient bank details, but all were from Hong Kong. The firm managed to trace a server which facilitated the operations for the 167 fake applications. Also on the server were other stolen sensitive documents, such as passports and driving licences of individuals from Japan, Malaysia, South Korea, and China. Thus, most of the targets of this scam were from Asia.
The cybersecurity firm said that this method of scamming was “driven by the recent significant rise in the value of cryptocurrencies and interest in low-cost or free stock trading”.
In 2020 alone, cryptocurrency grew 317.2%, according to YCharts. While the pandemic and the subsequent lockdowns were in place, there was a global rise, and a 12% jump in India, in the number of trades that took place, says Monark Modi, founder and CEO, Bitex Technologies.
Despite the prolonged uncertainty over cryptocurrency in India, Indian crypto trading platform WazirX reportedly hit $5.4 billion in transaction volumes in April. In 2018, the Reserve Bank of India had banned banks from using cryptocurrency. Although this ban was quashed by the Supreme Court, the RBI has been urging banks to sever ties with cryptocurrency exchanges. While India’s finance minister has affirmed that cryptocurrency will not be banned in India, payment gateways have blocked crypto transactions and the RBI has allegedly been informally asking banks to block them.
There is a wave of global acceptance of crypto, with payment companies like PayPal, Square, Venmo and MasterCard incorporating features for crypto trading. Elon Musk’s Tesla recently announced its purchase of $1.5 billion worth of bitcoins. Elon Musk’s repeated endorsement of the cryptocurrency Dogecoin is also responsible for igniting the global interest in crypto trading.