Men are being targeted by fake crypto apps in a scam that could steal big bucks
You might be surprised to learn that “pig butchering” takes place in the App Store and Google Play Store, but no animals are harmed. According to BleepingComputer, “pig butchering” is a scam that involves bogus websites, malicious advertisements, and more. Because these apps slip through the App Store and Play Store defenses, users have a false sense of security when installing them, only to get bitten in the ass. Cybersecurity firm Sophos has concluded that these attacks are designed to trick male Facebook or Tinder users into installing fake apps, using fake female profiles with images stolen from other social media sites. These images depict a rich lifestyle with photos of exotic locations, five-star restaurants and high-end retail stores. The fake apps promote fake investment schemes.
The scam usually follows a particular script. The “woman” the target is messaging says she has an “uncle” in the investment industry and urges the target to install a particular cryptocurrency app from the App Store or Google Play Store that will enable the target to trade cryptocurrencies. After guiding the future victim through the process of installing the fake app, the “woman” also helps the victim make a deposit using the legitimate Binance cryptocurrency app and helps the mark transfer the sum to the fake application.
MBM_Bitscan App on App Store
Sophos says the malicious apps used on the App Store are called “Ace Pro” and “MBM_BitScan”, and the one on the Google Play Store is called “BitScan”. The apps allow the victim to withdraw small amounts from their account initially to gain the target’s trust, but then lock the account to prevent larger amounts from being withdrawn.
To get through App Store defenses, the bad actors involved in the scam submit an application signed with a valid certificate issued by Apple, which is a necessity for any app that appears on the iOS app storefront. Until the app gets Apple’s approval, it acts as normal. Once the approval is received, the domain name is changed and the application connects to a malicious server.
How does this scam work
Although different vendor names appear for the iOS and Android versions of the fake apps, they connect to the same command and control server (which sends instructions to the malware-controlled systems), at a domain that seems to imitate a legitimate Japanese cryptocurrency exchange called bitFlyer.
Use common sense and you should be able to avoid getting scammed
Now you can see who the “pig” getting slaughtered is. The “pig” is the victim, who is drawn into the scam by long conversations. Because a small part of the initial deposit is made accessible to the target, the target trusts the whole process and buys into the scheme. While we hate to continually hit you over the head with this, you should check the comment section of any apps you’re considering installing on your devices from developers you’ve never heard of. If you see any red flags, don’t install the app and run away…quickly.
Also, if you are on Facebook or Tinder and are approached by a wealthy woman who is looking to get you to invest in cryptocurrency, do not engage in conversation with that “woman”. And even if your hormones kick in and you can’t help it, what the hell are you doing investing your hard-earned cash without doing some research first? After all, cryptocurrency is no stranger to the seedy and fraudulent world of investment scams.
And because only a few victims get hooked (this is a high-yield scam that depends on a low percentage of success to make the attackers lots of money), there aren’t too many complaints about the apps. Still, if you use your common sense and think with your brain instead of some other part of the male anatomy, you should be able to avoid getting ripped off.