• About Us
  • Advertising
  • Digital Magazine
  • Supplements
  • Media Pack
  • Privacy Policy
  • Contact us
CXO Insight Middle East
  • News
  • Opinion
  • Business
    • Industries
      • Transport
      • Retail
      • Government
      • Real Estate
      • Education
      • Energy
      • Banking and Finance
    • Channel
  • Future
    • Tech
    • Gadgets
    • Science
    • Space
    • Sustainability
  • Events
    • Channel Insights Summit 2025
    • Insight Innovation Summit
    • CXO50 Oman
    • CXO50
    • ICT Awards
      • Dubai 2025
      • Saudi Arabia
    • Cyber Strategists Summit
    • Cloud Connect 2025
    • Channel Awards 2024
    • All events
  • GITEX
  • Digital Magazine
No Result
View All Result
CXO Insight Middle East
  • News
  • Opinion
  • Business
    • Industries
      • Transport
      • Retail
      • Government
      • Real Estate
      • Education
      • Energy
      • Banking and Finance
    • Channel
  • Future
    • Tech
    • Gadgets
    • Science
    • Space
    • Sustainability
  • Events
    • Channel Insights Summit 2025
    • Insight Innovation Summit
    • CXO50 Oman
    • CXO50
    • ICT Awards
      • Dubai 2025
      • Saudi Arabia
    • Cyber Strategists Summit
    • Cloud Connect 2025
    • Channel Awards 2024
    • All events
  • GITEX
  • Digital Magazine
No Result
View All Result
CXO Insight Middle East
No Result
View All Result

Sophos Exposes Bogus Trading and Cryptocurrency Apps

by CXO Staff
May 17, 2021
in News

Sophos has uncovered a stash of 167 counterfeit Android and iOS apps that adversaries are using to steal money from people

Sophos

Sophos has uncovered a stash of 167 counterfeit Android and iOS apps that adversaries are using to steal money from people who believe they have installed a financial trading, banking or cryptocurrency app from a well-known and trusted organisation. A report on the findings, “Fake Android and iOS apps disguised as trading and cryptocurrency apps,” shows how the attackers used social engineering techniques, counterfeit websites, including a fake iOS App Store download page, and an iOS app-testing website to distribute the fake apps to unsuspecting users.

Sophos researchers investigated the fake apps and found that many were very similar. Some included an embedded customer support “chat” option. When researchers tried to communicate with the support teams using the chat, the replies they received used near-identical language. The researchers also uncovered a single server loaded with 167 fake trading and cryptocurrency apps. Taken together, this suggests that the scams could all be operated by the same group, according to Sophos.

In one of the schemes investigated, the scammers befriended users via a dating app, setting up a profile and exchanging messages with individual targets before attempting to lure them into installing and adding money and cryptocurrency to a fake app. If targets later tried to withdraw funds or close the account, the attackers simply blocked their access.

In other cases, targets were caught through websites designed to resemble that of a trusted brand, such as a bank. The operators even set up a fake “iOS App Store” download page featuring fake customer reviews in order to convince targets they were installing an app from the genuine App Store.

If people clicked on the links to download the fake apps for either Android or iOS, they received something that looked like a mobile web app, but was in fact a short-cut icon that linked to a fake website.

The operators also distributed some of the fake iOS apps via third-party websites that help iOS developers test new applications with a limited number of Apple device users before they submit apps to the official App Store.

“People trust the brands and people they know – or think they know – and the operators behind these fake trading and cryptocurrency scams ruthlessly take advantage of that,” said Jagadeesh Chandraiah, Senior Threat Researcher at Sophos. “The fake applications we uncovered impersonate popular and trusted financial apps from all over the world, while the dating site sting begins with a friendly exchange of messages to build trust before the target is asked to install a fake app. Such tactics make the fraud seem very believable.

“To avoid falling prey to such malicious apps, users should only install apps from trusted sources such as Google Play and Apple’s app store. Developers of popular apps often have a web site, which directs users to the genuine app and, if they have the skills to do so, users should verify if the app they are about to install was created by its actual developer. Last, but not least, if something seems risky or too good to be true – high returns on investment or someone from a dating site asking you to transfer money or cryptocurrency assets into some ‘great’ account – then sadly it probably is.”

Sophos detects these apps as Andr/FakeApp-DC, iPh/FakeApp-DD and iPh/FakeApp-DE.

Sophos also advises users to install an antivirus app on their mobile device, such as Intercept X for Mobile, to protect Android and iOS devices from cyberthreats.

Tags: androidcryptocurrencyfeatured2iOSJagadeesh ChandraiahSophostrading
ShareTweet

Related Posts

OpenAI launches new ChatGPT Agent: Here’s what you need to know
News

OpenAI launches new ChatGPT Agent: Here’s what you need to know

OpenAI has launched ChatGPT Agent, a major upgrade to its flagship AI product that enables users to delegate multi-step digital...

July 18, 2025
OPSWAT opens ‘first-of-its-kind’ critical infrastructure cyber lab in Dubai
Future

OPSWAT opens ‘first-of-its-kind’ critical infrastructure cyber lab in Dubai

Global cybersecurity firm OPSWAT has officially opened its OPX Lab in Dubai, a new facility designed to simulate real-world cyber...

July 18, 2025

Discussion about this post

Latest Issue

OpenAI launches new ChatGPT Agent: Here’s what you need to know

OpenAI launches new ChatGPT Agent: Here’s what you need to know

July 18, 2025
OPSWAT opens ‘first-of-its-kind’ critical infrastructure cyber lab in Dubai

OPSWAT opens ‘first-of-its-kind’ critical infrastructure cyber lab in Dubai

July 18, 2025
Qatar MoCI adds new e-Services to Single Window as digital uptake grows

Qatar MoCI adds new e-Services to Single Window as digital uptake grows

July 18, 2025

The most trusted source of strategic intelligence for IT decision makers in the Middle East.

About

  • About Us
  • Advertising
  • Digital Magazine
  • Supplements
  • Media Pack
  • Contact Us

Policies

  • Privacy Policy
© 2025 – CXO Insight Middle East. All Rights Reserved.
Facebook-f X-twitter Linkedin
Separated they live in Bookmarksgrove right at the coast of the Semantics, a large language ocean. A small river named Duden.

About

  • About Us
  • Site Map
  • Contact Us
  • Career

Policies

  • Help Center
  • Privacy Policy
  • Cookie Setting
  • Term Of Use

Join Our Newsletter

© 2024 – CXO Insight Middle East. All Rights Reserved.

Facebook-f Twitter Youtube Instagram

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Join our mailing list
Sign up here to get the latest news, updates and special offers delivered directly to your inbox.
No Result
View All Result
  • News
  • Opinions
  • Business
    • Industries
      • Transport
      • Retail
      • Government
      • Real Estate
      • Education
      • Energy
      • Banking and Finance
  • Channel
  • Future
    • Tech
    • Gadgets
    • Science
    • Space
    • Sustainability
  • Events
    • Channel Insights Summit 2025
    • Insight Innovation Summit
    • CX50 Oman
    • CXO50
    • ICT Awards
      • Dubai
      • Saudi Arabia
    • Cyber Strategists Summit
    • Cloud Connect 2025
    • Channel Awards 2023
    • All events
  • Videos
  • GITEX GLOBAL
  • Digital Magazine

© 2025 - CXO Insight Middle East. All Rights Reserved.