Application security, Phishing

Global pig butchering scheme involves fraudulent trading apps

Share
Scam alert, software warning fraud, cyber security. Hacker detection cyber attack on computer network, virus, spyware, malware, malicious software and cybercrime, online website. Protect information

Numerous bogus trading apps have been distributed through the official app stores of Apple and Google, as well as phishing sites, as part of a massive pig butchering campaign aimed at users in Europe, the Middle East and Africa, and the Asia-Pacific that commenced in the middle of last year, The Hacker News reports.

Both iOS and Android devices have been targeted with attacks involving the fake app dubbed "SB-INT," which lured victims into manually trusting the Enterprise developer profile before triggering the registration process that would seek additional information from victims, who are then deceived into investing more money that is later stolen by attackers, according to a Group-IB report. Similar fund exfiltration activities have also been conducted by the FINANS INSIGHTS and FINANS TRADER6 apps on the Google Play Store. All of the malicious apps have since been removed from the app stores. "Cybercriminals continue to use trusted platforms such as the Apple Store or Google Play to distribute malware disguised as legitimate applications, exploiting users' trust in secure ecosystems... The use of web-based applications further conceals the malicious activity and makes detection more difficult," said Group-IB researcher Andrey Polovinkin.

An In-Depth Guide to Application Security

Get essential knowledge and practical strategies to fortify your applications.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.