Almost 200 fake Android and iOS apps masquerading under the umbrella of a reputable Asian-based trading company

May 13, 2021 11:24 GMT  ·  By

Around 167 fake iOS and Android apps were recently found. Available as crypt or stock trading and banking apps, the tool may rob you of your hard earned money.

The Sophos team was asked to investigate an application submitted by someone who had been a victim of the scam. The story begins on a dating website where the scammers tricked the victim into installing a cryptocurrency trading application.

They managed to implement this scam by sending them a link that impersonated GoldenWay, a Hong Kong-based trading and investment firm. The fake app was available for both iOS and Android mobile operating systems.

They urged the victim to purchase and transfer the cryptocurrency into their wallet after installation. Afterward, when requested to transfer the funds, they blocked the victim's account.

Hundreds of scamming apps found by researchers 

When the incident was investigated, hundreds of similar fake trading apps were discovered. Most have look very similar to official trading apps belonging to various financial organizations and perhaps, that's why it made so many victims.

In some situations, cybercriminals use similar schemes to distribute fake apps, relying on social media platforms or dating websites. Alternatively, spoofing real companies like in this particular case can happen.

Shockingly, Apple App Store and Google Play were bypassed by attackers in unique ways. Although having a ban on the digital signature, the apps were loaded to Apple Store using Super Signature as leverage.

The fraudulent applications are designed to exploit the growing interest in trading applications. Victims are blinded by the recent rise in crypto value and interest in free or cheap stock trading.

Then again, bear in mind that you should install apps from trusted sources such as Google Play and the Apple Store to avoid falling victim to malicious apps. Moreover, most popular app developers have a website that leads you to a genuine app. Lastly, don't forget to check whether an app you are about to install belongs to a genuine developer.

Photo Gallery (2 Images)

Android
Android
Open gallery