The US security authority Federal Bureau of Investigation (FBI) draws attention to scams with beta versions of apps in the cryptocurrency environment. If victims install such apps, the criminals try to swindle cryptocurrency under the guise of a legitimate-looking app.
Advertisement
It is currently unclear to what extent this scam campaign is taking place and which apps are affected.
Beta apps scam
Apple and Google allow developers to upload beta versions to their app stores for testing by interested users. According to an FBI report, cyber gangsters misuse it to offer fake beta apps with malicious code.
The criminals should use this to withdraw personal information, completely take over devices and redirect cryptocurrency to their wallets. In order for victims to install such an app, the gangsters are said to use social engineering tactics via social media and lure them with financial rewards for testing the beta versions.
If a victim falls for it and, for example, enters log-in data into such an app or makes a cryptocurrency transfer, the data or money end up directly with the scammers.
The infrastructure
Advertisement
Apple offers its Test Flight platform for beta testing. Developers can upload apps there for testing and interested parties can install them directly on their devices without any detours. Apparently, the submission of apps also works for applications with malicious code due to more lax checks than in the normal app store, as security researchers from Sophos mention in a report.
Afterwards, victims only have to click on a link provided by the attackers and install the prepared beta app via Test Flight. No further security checks should take place during the installation, so that the malicious code is also installed.
According to reports, the tests of the beta versions in Google Play should be identical to those for stable apps.
(of the)
Go to home page
#Cryptocurrency #FBI #warns #beta #app #scam
