Ultra popular dating apps Tinder and Bumble are targeted by cryptocurrency thieves according to Sophos cybersecurity researchers. Baptized CryptRom, the scam began in Asia before reaching the USA and then Europe (therefore France). Bitcoin wallet owned by hackers reveals that $ 1.4 million has been stolen. Principal Investigator Jagadeesh Chandraiah explains that the scam “ relies on social elements at every stage “. Authors first post fake profiles on Tinder and Bumble to lure victims then push them to install and invest in a fake digital asset trading app.
Until recently, criminals mainly distributed bogus cryptocurrency apps through websites that look like a trusted bank or the Apple App Store. Addition of iOS corporate signature introduces additional risk for victims because attackers will have rights to their device and the ability to steal personal data.
« At first the returns seem very good, but if the victim wants to get their money back or access their funds, the money disappears »Share the researchers. But the scam goes further. Sophos tells us that an Apple signature mechanism is used to install the app on iOS devices without going through the App Store! A signature normally used by developers before submitting software to the Cupertino company for review and then approval. Sophos also believes that the perpetrators of the scam remotely control the smartphones of the victims which leaves them open to all kinds of possible attacks. So the next time you launch Tinder or Bumble, be careful!