The scam usually follows a particular script. The “woman” that the target is messaging says that she has an “Uncle” in the investment business and invites the target to install a particular cryptocurrency app on the App Store or the Google Play Store that will allow the target to trade cryptocurrency. After guiding the soon-to-be victim through the process of installing the “fake” app, the “woman” also helps the victim to make a deposit using the legitimate cryptocurrency app Binance and helps the mark transfer the sum to the fake app.
MBM_Bitscan app on the App Store
Sophos says that the malicious apps are called “Ace Pro” and “MBM_BitScan” on the App Store, and “BitScan” on the Google Play Store. The apps allow the victim to withdraw small amounts from their accounts at first to gain the target’s trust, but then lock the account, preventing the withdrawal of larger amounts.
To get through the App Store’s defenses, the bad actors involved in the scam submit an app signed with a valid certificate issued by Apple. This is a necessity for any app that appears on the iOS app storefront. Until the app gets Apple’s approval, it behaves normally; once approval is received, the domain name is changed and the app connects to a malicious server.
How this scam works
While different vendor names appear for the iOS and Android versions of the fake apps, they connect to the same command and control server (which sends directions to malware-controlled systems), from a domain that seems to impersonate a legit Japanese cryptocurrency exchange called bitFlyer.
Use common sense and you should be able to avoid getting ripped off
Now you see who the “pig” getting butchered is. The “pig” is the victim, who is drawn into the scam through lengthy conversations. Because a small part of the initial deposit is made accessible to the target, the target trusts the entire process and buys into the scheme. While we hate to continuously hit you over the head with this, you need to check the comments section of any apps that you plan to install on your devices from developers that you’ve never heard of. If you see any red flags, do not install the app and run away… quickly.
And because only a few victims get hooked (this is a high-yield ripoff that depends on a low percentage of success to make plenty of money for the attackers), there aren’t too many complaints about the apps. Still, if you use common sense and think with your brain instead of another part of the male anatomy, you should be able to avoid getting ripped off.