Hackers are trying to exploit the growing popularity of the crypto domain. Very dangerous malware, disguised as wallets for cryptocurrencies, is currently targeting users of devices with Android and iOS operating systems.
IT security provider Eset has discovered dozens of applications that look like well-known cryptocurrencies, such as MetaMask, Trust Wallet, Bitpie, TokenPocket, OneKey or Coinbase, but include software that steals victims’ virtual currencies.
Dangerous applications even work like real crypto wallets and have been promoted on serious sites. Some of them send the victims ‘crypto private keys to the attackers’ servers without using a secure connection. Thus, the deceived can also be stolen by third parties who follow that connection.
Initially, the method was used in China, then spread internationally. Dozens of such applications have been discovered on the Internet. Of these, 13 were clones of Jaxx Liberty, a popular crypto application.
In some cases, victims have been persuaded to use fake services through platforms such as Telegram or Facebook.
Investors in cryptocurrencies need to be very careful about what wallets they use and avoid downloading such applications from outside the official online stores. Cryptocurrencies lost by such methods are almost impossible to recover.
IOS users, also targeted by the CryptoRom scheme
Another dangerous threat is currently targeting iOS users, according to computer security firm Sophos Labs. The CryptoRom scheme uses fake iPhone applications to steal cryptocurrencies. In this case, the applications of popular trading platforms, such as Binance, Bitfinex or Coinbase, are cloned.
Victims are offered very high profits, and in the first phase they are even allowed to make a profit. However, when they want to withdraw some of the money or all of them, a fee is charged. In the case of the clone called UBS Global + Binance, this is $ 6,000. People are threatened with losing their money if they don’t pay. Of course, the victims do not recover anything even after doing so.
In the case of CryptoRom, many people were initially contacted through dating platforms such as Tinder, Bumble or Grindr. In some cases, criminals have spent a lot of time interacting with victims in order to gain their trust. Then they proposed the “business” to them.
CryptoRom is a great success for its creators. A Bitcoin wallet associated with the attackers raised the equivalent of $ 1.3 million.