Numerous bogus trading apps have been distributed through the official app stores of Apple and Google, as well as phishing sites, as part of a massive pig butchering campaign aimed at users in Europe, the Middle East and Africa, and the Asia-Pacific that commenced in the middle of last year, The Hacker News reports.
Both iOS and Android devices have been targeted with attacks involving the fake app dubbed "SB-INT," which lured victims into manually trusting the Enterprise developer profile before triggering the registration process that would seek additional information from victims, who are then deceived into investing more money that is later stolen by attackers, according to a Group-IB report.
Similar fund exfiltration activities have also been conducted by the FINANS INSIGHTS and FINANS TRADER6 apps on the Google Play Store. All of the malicious apps have since been removed from the app stores.
"Cybercriminals continue to use trusted platforms such as the Apple Store or Google Play to distribute malware disguised as legitimate applications, exploiting users' trust in secure ecosystems... The use of web-based applications further conceals the malicious activity and makes detection more difficult," said Group-IB researcher Andrey Polovinkin.
