![]() ![]() Many of these seven new apps recycled the same templates and descriptions, suggesting the same one or two pig butchering rings are creating the scheme. ![]() Then, once the app has been approved and published, they modify the server hosting the app with code for the fraudulent interface. They submit the app for approval using legitimate, run-of the-mill web content. To get past the Apple App Store review process, the app developers use the same technique Sophos first reported on in February 2023. However, as soon as users open the app, they are met with a fake crypto-trading interface. These apps have seemingly benign descriptions in the app stores (BerryX, for example, claims to be reading-related). Upon further investigation, Sophos X-Ops found seven fake cryptocurrency investment apps in the official Google Play and Apple App stores. However, a recent victim revealed that after paying the “tax” to withdraw money, the fraudsters said the funds had been “hacked” and they would need another 20% deposit before receiving the funds. Traditionally, when victims of CryptoRom scams attempt to cash in on their “profits,” fraudsters will tell them they need to pay a 20% tax on their funds before completing any withdrawals. Sophos X-Ops also uncovered a new scammer tactic designed to extort additional money. It also enables keyboarders to simultaneously engage with multiple victims at one time,” said Sean Gallagher, principal threat researcher, Sophos. Using something like ChatGPT can be a more efficient and effective way to keep these conversations going, making the scams less labor intensive and more authentic. One of the main challenges for fraudsters with CryptoRom scams is carrying out convincing, sustained conversations of a romantic nature with targets these conversations are mostly written by ‘keyboarders,’ who are primarily based out of Asia and have a language barrier. We can now say that, at least in the case of pig butchering scams, this is, in fact, happening. “Since OpenAI announced the release of ChatGPT, there has been broad speculation that cybercriminals may use the program for their own malicious activities. The victim became suspicious after he received a lengthy message that was clearly partly written by an AI chat tool using a large language model (LLM).Ī screenshot showing how the scammer used large language model-based AI in chat responses. After contacting the victim on Tandem, a language sharing app that has also been used as a dating app, the scammer convinced the victim to move their conversation to WhatsApp. Sophos X-Ops first learned of CryptoRom scammers using the AI chat tool-most likely ChatGPT- when a conned victim reached out to the team. Frauds involving cryptocurrency, including pig butchering, represented most of these scams, increasing 183% from 2021 to $2.57 billion in reported losses last year. In 2022, investment fraud caused the highest losses of any scam reported by the public to the FBI’s Internet Crimes Complaint Center (IC3), totaling $3.31 billion. Sophos X-Ops additionally discovered that scammers were able to sneak seven new fake cryptocurrency investment apps into the official Apple App and Google Play stores, upping the potential for victims. Scammers also expanded their coercion tactics by telling victims their crypto accounts were hacked and more upfront money is needed. You can view any threats that have been detected underneath the five modules, or in the "History" tab.Sophos, a global leader in innovating and delivering cybersecurity as a service, today released new findings on CryptoRom scams-a subset of pig butchering (shā zhū pán) schemes designed to trick users of dating apps into making fake cryptocurrency investments-in its latest report, “ Sha Zhu Pan Scam Uses AI Chat Tool to Target iPhone and Android Users.” Since May, Sophos X-Ops has observed CryptoRom fraudsters refining their techniques, including adding an AI chat tool, like ChatGPT, to their toolset. "Malicious Traffic Detection" identifies programs that might try to connect your system to harmful remote servers. "Privacy Protection" ensures that you and your system aren't compromised through unauthorized webcam access. Exclusive real-time protection for premium usersĮnhanced real-time protection is reserved for premium subscribers: " Ransomware Protection" defends against extortion Trojans that encrypt files on your computer and demand a payoff for the decryption key. Free version users get "Antivirus Protection" (which guards against known viruses, Trojans, and other malware) as well as "Web Protection", which chaperones you across the Internet. The "Status" area serves as a kind of home screen and allows you to keep tabs on the most important features, like real-time protection. Sophos Home's features are grouped into five sub-menus in its web dashboard.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |