Image

Fake buying and selling apps on Google Play and App Store linked to international ‘pig butchering’ rip-off

New research from cybersecurity company Group-IB shows that cybercriminals have been using phony trading apps to swindle unsuspecting individuals as part of a global “pig butchering” campaign.

Pig butchering is a form of investment fraud where scammers persuade their victims into making large investments on fake trading platforms. The scheme—which is commonly associated with cryptocurrency and is surprisingly vegan-friendly—refers to how scammers build trust with their victims before later draining them of their investments. The ruse has proven to be a lucrative cyber threat, with researchers from the University of Texas at Austin estimating that pig butchering scammers have stolen more than $75 billion from victims in the last four years.

Since May, Group-IB analysts have identified several fake mobile applications that have been disguised as trading platforms on the Google Play and Apple App Store, and used as part of the global scheme. The cybersecurity company, which was founded in Russia but shifted its headquarters to Singapore in 2019, has classified the fraudulent apps as members of the UniShadowTrade malware family and said the mobile applications were built using the UniApp Framework.

Hoodwinked! While Group-IB was unable to pinpoint how cybercriminals are going about targeting their pig butchering victims, the report suggested it is most likely through social engineering tactics on dating and social networking platforms. After building a relationship with their victims, malicious actors are then able to convince them to download seemingly legit applications to execute their crime.

One example of a fake app discovered by Group-IB deceived users with a description that claimed it could be used for “algebraic mathematical formulas and 3D graphics volume area calculations.” Users who downloaded the app were prompted to make an account and disclose sensitive information, before being instructed to make a deposit. The cybercriminal is then able to convince the victim to continue investing money on the platform, which they are unable to withdraw.

The app has since been removed from the App Store, but Group-IB claims that cybercriminals have continued to circulate it to both Apple and Android users through phishing websites.

Another bogus app discovered by Group-IB on the Google Play Store masqueraded as an application that shared stock-related news. The app racked up more than a thousand downloads before being removed by the app store.

Group-IB claims it was able to identify pig butchering victims across the Asia-Pacific, European, and Middle East and Africa regions.

Zoom out. The recently discovered tactic joins the slew of strategies malicious actors are using to perform investment-related crimes. IT Brew has previously reported that cybercriminals are also sending their victims to their local Bitcoin ATM to secretly drain their accounts and impersonating the web pages of common retail brands as part of their crypto fraud gambits.

Read more from Morning Brew

SHARE THIS POST