Scammers Used Dating Apps to Sell Fake Cryptocurrency

  • Monday, November 01 2021 @ 06:13 pm
Scammers Using Cryptocurrency Scheme on Dating Apps

Scammers stole more than $1.4 million from users of popular dating apps like Tinder, Grindr and Bumble, among others. Dubbed “CryptoRom” by cybersecurity research firm Sophos, the attackers feigned romantic interest with victims to build trust, and then lured them into downloading fake cryptocurrency apps.

According to reports, the scammers used Apple’s Enterprise Development platform to push the fake cryptocurrency apps. This gave victims the sense that the apps were legitimate, while in reality it allowed the scammers to bypass the normal app review process.

The CryptoRom attackers set up fake profiles on dating apps and strike up conversations with users, later moving them to messaging apps. After a time, the subject of cryptocurrency is introduced into the conversation, and the scammer asks the victim to install the fake crypto trading app to make an investment. At first, the victim makes money and is allowed to withdraw from their account, which provides a false sense of security. Soon after, they are asked to make a more substantial contribution. If they do, the scammers not only refuse their withdrawal requests, but blackmail them into investing more, threatening to take the money they have already paid if they refuse.

As iMore points out, people who download these fake cryptocurrency apps onto their phones essentially turn their iPhones into a “managed device” controlled by someone else, where their data can be held hostage.

The Sophos report on the subject stated: “Apple's Enterprise Signature program can be used to distribute apps without Apple App Store reviews, using an Enterprise Signature profile and a certificate. Apps signed with Enterprise certificates should be distributed within the organization for employees or application testers, and should not be used for distributing apps to consumers.”

The report goes on to say: “In this instance, the crooks wanted victims to visit the website with their device's browser again. When the site is visited after trusting the profile, the server prompts the user to install an app from a page that looks like Apple's App Store, complete with fake reviews. The installed app is a fake version of the Bitfinex cryptocurrency trading application.”

Interpol warned of an increase in cybersecurity threats earlier this year, as more people turned to dating apps during the pandemic. At first, people in Asia were targeted, but now victims have been found primarily in the United Kingdom, the United States, France, and Hungary, according to ZDNet.

So far, Apple has not issued a warning to customers to be cautious about the scheme, nor has it informed them that scammers are using its Enterprise Development platform to victimize dating app users.