apple: Thieves steal $1.4 million by abusing Apple’s enterprise app programs: Report – Times of India
Hackers have stolen at least $1.4 million from a number of people through CryptoRoam attacks, using a combination of social media, dating apps, cryptocurrency, and abuse of Apple‘s Enterprise Developer program, as per a report by AppleInsider.
The scam has been in circulation for about six months and Apple’s iOS platform is the target, says the report. The modus operandi of the scammers starts with gaining the trust of the target through social media or data apps. After that, the victim is lured into installing a modified version of a cryptocurrency exchange through a website that resembles the look of the Apple App Store from where they are baited into investing as the target is asked to download a Mobile Device Management profile. After they do so, the scammers defraud the victims out of cash, adds the report.
As per a report by Sophos, a victim lost about $87,000 in this scam, with losses of $45,000 and $25,000 also reported by others. A Bitcoin address has been found by cybersecurity researchers with just under $1.4 million transferred to it. Going by the fact that it is one single address and many more could be being used by scammers, the amount of money stolen could be higher.
“Upon returning to the fake App Store webpage, the unsuspecting user is then prompted to download an app signed with a certificate associated with the Mobile Device Management profile through either Apple Enterprise provisioning or the Super Signature distribution method. The app in question is a bogus version of the Bitfinex cryptocurrency trading application,” states the report.
The report further adds, “The victim is then convinced to make a small investment into a cryptocurrency as a proof of concept, and is allowed to withdraw the profits. When a larger deposit is made, the victim finds that it cannot be withdrawn and is told by the assailant either just pulls the money for themself, that more must be invested, or a tax must be paid to pull the money out.”.
For all the latest Technology News Click Here