Scammers are stealing funds from crypto-newbs

Researchers found nearly 170 fake finance apps using similar designs, servers and language

A team of researchers at Sophos say they have identified as many as 167 fake banking, trading and cryptocurrency apps that criminals are using to steal money and financial information from unsuspecting users.

The researchers discovered the fake apps while investigating another bogus mobile trading app, which presented itself as one linked to Asian gold trading firm Goldenway Group.

The cybercriminals operating these fake Android and iOS apps used counterfeit websites, social engineering techniques, and a fake iOS App Store download page to trick potential victims into believing that they were downloading and installing a legitimate app.

In one case, scammers targeted a user through a dating website, where they tricked him into downloading a fake cryptocurrency trading app. They avoided requests for face-to-face meetings, citing the pandemic, but encouraged the user to buy cryptocurrency and transfer it into their wallet.

When the victim tried to close the account or withdraw money, the scammers blocked account access.

Sophos said all the fraudulent apps it identified use a common server and similar designs, suggesting that a single group or entity is responsible.

Some apps offered a customer support chat option, and were observed to be using near-identical language when contacted.

The apps impersonated popular financial firms and cryptocurrency trading platforms, including Barclays, Bitwala, Gemini, Kraken, Bittrex, Binance, BitcoinHK and TDBank.

"People trust the brands and people they know - or think they know - and the operators behind these fake trading and cryptocurrency scams ruthlessly take advantage of that," said Jagadeesh Chandraiah, a senior threat researcher at Sophos.

To protect themselves against this kind of scam, Chandraiah advised mobile users to only install apps from trusted sources, like Apple and Google's official app stores. He also stressed the need for people to be cautious about websites or apps that claim unrealistically high returns on investments.

"If something seems too good to be true - promised high returns on investments, or professional-looking dating profiles asking to transfer money or crypto assets - it's likely a scam," Chandraiah said.

Unverified and third-party mobile apps are a long-standing and growing security issue. Last year, researchers reported two malware campaigns that targeted Android users, with apps that claimed to optimise smartphone performance but actually delivered malware.

Also last year, researchers at Kaspersky uncovered a cyberespionage campaign that had used the Google Play Store to distribute malware for about four years - proving that even the official app stores aren't completely safe.

Dubbed 'PhantomLance', the campaign was linked to threat group APT32 or OceanLotus, which is thought to have backed by the Vietnamese government.