Crypto fraudulent applications have penetrated the official stores of Google and Apple


    Cyberthugs from Tinder lure gullible men into a cruel financial trap.

    The creators of a highly profitable investment scam called “The Pig-Butchering Scam” have found a way to bypass the protection of the Google Play and Apple App Stores.

    The pig butchering scam has been going on for years. Attackers use fake websites, malicious ads, and social engineering. And by placing fraudulent applications in the official stores, it is even easier for them to gain the trust of the victim.

    Researchers at cybersecurity firm Sophos say cybercriminals are targeting victims on popular social media. They convince them to download fraudulent apps and "invest" large sums of money in assets that they say are real. Basically, scammers fool men using fake Facebook and Tinder profiles of women.

    ShaZhuPan is a hacker group from China that is running this scam campaign. It demonstrates a very high level of organization: separate teams handle interaction with victims, while others deal with finance, franchising and money laundering.

    Scammer-controlled profiles are built around a luxury lifestyle, with photos of expensive restaurants, shops and exotic places. Apparently, this is how attackers attract wealthy men.

    After gaining the victim's trust, the scammers say they have a relative who works for a financial analysis firm. They convince the victim that good money can be made this way, and invite the victim to trade cryptocurrency through an application from the Play Store or App Store.

    The scammers instruct the victim on how to create an account on the Binance cryptocurrency exchange platform, fund the balance, and then transfer the invested amount to a fake app.

    The malicious apps used in the campaign observed by Sophos are called "Ace Pro" and "MBM_BitScan" in the Apple App Store, and "BitScan" in the Play Store.

    At first, these applications allow the victim to withdraw small amounts of cryptocurrency, but then block their accounts when the amounts become larger. The initial withdrawal of funds is usually enough for the victims to trust the scheme and keep investing.

    The method used to bypass security checks in mobile app stores is quite simple. In order to infiltrate the App Store, the ShaZhuPan gang submits an app signed with a valid certificate issued by Apple, which is the main requirement for any code to be accepted into the iOS repository. At first, the application connects to a secure server and its behavior is not suspicious. But after passing the check, the developer changes the domain, and the application connects to the malicious server.

    After launching the application, the victim sees a cryptocurrency trading interface delivered from a malicious server. However, all displayed information is fake, except for the user's account.

    Sophos researchers found that the Android and iOS BitScan apps have different vendor names but communicate with the same control server, which appears to be impersonating bitFlyer, a legitimate cryptocurrency exchange company in Japan.
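The two observations above (an app whose backend changes after store review, and apps from different vendors sharing one control server) can be checked by anyone who re-scans published apps. The following is an added example, not code from Sophos or from the original article; the record format, app IDs, vendor names and `.example` hosts are all constructed for illustration.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed observations: (app_id, vendor, phase, URL the app contacted).
# phase "review" = seen while the app was being vetted,
# phase "live"   = seen in a later re-scan of the published app.
OBSERVATIONS = [
    ("ios.scan.example", "Vendor A", "review", "https://qr.benign.example/api/decode"),
    ("ios.scan.example", "Vendor A", "live", "https://trade.backend.example/ui/index"),
    ("android.scan.example", "Vendor B", "review", "https://qr.benign.example/api/decode"),
    ("android.scan.example", "Vendor B", "review", "https://cdn.shared.example/lib.js"),
    ("android.scan.example", "Vendor B", "live", "https://TRADE.backend.example/ui/index"),
    ("android.scan.example", "Vendor B", "live", "https://cdn.shared.example/lib.js"),
    ("ios.notes.example", "Vendor C", "review", "https://cdn.shared.example/lib.js"),
    ("ios.notes.example", "Vendor C", "live", "https://cdn.shared.example/lib.js"),
]


def host(url):
    """Normalised hostname of a URL (lower case, empty string if missing)."""
    return (urlsplit(url).hostname or "").lower()


def endpoint_drift(observations):
    """Map app_id -> hosts contacted after publication but never during review."""
    review, live = defaultdict(set), defaultdict(set)
    for app, _vendor, phase, url in observations:
        (review if phase == "review" else live)[app].add(host(url))
    return {app: sorted(live[app] - review[app])
            for app in live if live[app] - review[app]}


def shared_backends(observations, allow=frozenset()):
    """Map live host -> vendors, for hosts used by apps of more than one vendor.

    `allow` lists hosts expected to be shared (CDNs, analytics), which would
    otherwise be false positives.
    """
    vendors = defaultdict(set)
    for _app, vendor, phase, url in observations:
        if phase == "live" and host(url) not in allow:
            vendors[host(url)].add(vendor)
    return {h: sorted(v) for h, v in vendors.items() if len(v) > 1}


if __name__ == "__main__":
    print("drift:", endpoint_drift(OBSERVATIONS))
    print("shared:", shared_backends(OBSERVATIONS, allow={"cdn.shared.example"}))
```

An app with no review-phase record has every live host reported as drift, which is the conservative result for an app that was never baselined.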

    Because these apps are only downloaded by a small number of targeted users, they are not reported as mass scams, increasing the time it takes for them to be identified and removed from the store.

    The pig butchering scam generates high profits in a short time, so scammers are motivated to spend a lot of time and effort to gain the trust of their victims through long-term communication.

    Such lengthy interactions, initial withdrawals, and the convincing interface of fake apps make it difficult for victims to recognize that they are being scammed at all.

    Sophos also notes that the emergence and popularization of the fintech industry has further strengthened people's trust in such software tools. And when apps are downloaded from the official Apple and Google stores, victims have little to no doubt about their legitimacy and safety.

    To avoid ending up in such a situation, before installing any application on your smartphone, it is recommended to read the reviews of other users, the privacy policy, and the information about the developer/publisher, and to search for information about the company on the Internet.

    Author DeepWeb