Sunday, June 13, 2021
Home Technology Fake apps: Researchers identified apps used to steal money

Fake apps: Researchers identified apps used to steal money

The researchers also uncovered a single server loaded with 167 trading and crypto-currency fake apps

A stash of 167 counterfeit Android and iOS fake apps has been identified by cyber-security researchers. These apps were being used by hackers to steal money from people who believe they have installed a financial trading, banking or crypto-currency app from a trusted organisation.

Researchers at cyber-security firm Sophos investigated the fake apps and found that many were very similar. Disguised as popular brands, the attackers targeted users through dating sites and lured victims into installing money-stealing apps.

Some apps included an embedded customer support “chat” option. When researchers tried to communicate with the support teams using the chat, the replies they received used near-identical language.

The researchers also uncovered a single server loaded with 167 trading and crypto-currency fake apps.

Taken together, this suggests that the scams could all be operated by the same group.

“The fake applications we uncovered impersonate popular and trusted financial apps from all over the world, while the dating site sting begins with a friendly exchange of messages to build trust before the target is asked to install a fake application. Such tactics make the fraud seem very believable,” explained Jagadeesh Chandraiah, senior threat researcher at Sophos.

The scammers, in one of the schemes investigated, befriended users via a dating app, setting up a profile and exchanging messages with individual targets before attempting to lure them into installing and adding money and crypto-currency to fake apps.

The attackers simply blocked the access if targets later tried to withdraw funds or close the account.

Targets, in other cases were caught through websites designed to resemble that of a trusted brand, such as a bank.

To convince targets they were installing an app from the genuine App Store, the operators even set up a fake “iOS App Store” download page featuring fake customer reviews.

Sophos advised, “To avoid falling prey to such malicious apps, users should only install apps from trusted sources such as Google Play and Apple’s app store”.

Also read: Fortinet Announces AI-powered XDR for Fully Automated Threat Detection, Investigation, and Response

Do Follow: CIO News LinkedIn Account | CIO News Facebook | CIO News Youtube | CIO News Twitter

khushbu
Khushbu Sonihttps://www.cionews.co.in
Chief Editor - CIO News | Founder & CEO - Mercadeo

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -WhatsApp Image 2020 11 10 at 1.52.58 PMWhatsApp Image 2020 11 10 at 1.52.58 PMWhatsApp Image 2020 11 10 at 1.52.58 PMWhatsApp Image 2020 11 10 at 1.52.58 PM

Most Popular

Driverless passenger car technology to be developed by Huawei by 2025

Expected to bring a sea change to the transportation industry, works on self-driving vehicle systems or driverless passenger car technology are...

Machine learning and mathematics notwithstanding, India lags in data skills

Despite having high proficiency in machine learning and mathematics, India ranks 67th globally, with 38 per cent proficiency and mid-rankings globally...

Cyber-security: India, Australia to broad-base cooperation

Cyber-security: India, Australia to broad-base cooperation

Cloud modernisation journey: Cognizant forms a unit with Google Cloud

Cloud modernisation journey: Cognizant forms a unit with Google Cloud

Recent Comments