Scammers are using a network of fake apps to steal funds from crypto newbies

News
By published

Attackers are even targeting victims via dating sites

security
(Image credit: Shutterstock / rudall30)

Security researchers have identified a “stash” of more than 150 fake trading, banking and cryptocurrency apps designed to steal victims’ funds.

According to Sophos, the fraudulent iOS and Android apps all utilize a common server, suggesting a single cybercriminal group is responsible. This assumption is supported by commonalities in the design of the applications, as well as communications with the fake customer support team.

The attackers are said to have utilized various social engineering techniques to encourage people to install the malicious apps, even going as far as to build relationships with potential victims over dating services.

In one instance, the scam operators created a fake version of the App Store download page, in a bid to trick people into thinking the application originated from a trusted source.

Fake crypto apps

When the app download is triggered, the victim is served with what looks like a standard mobile application, often mimicking the branding of a popular financial service.

However, the icon is merely a shortcut that links to a fake landing page, where users are encouraged to enter financial credentials or trigger a cryptocurrency transaction, under the guise of topping up their account balance.

According to Sophos, if the victim later attempts to withdraw funds or close out their account, the operators simply block access.

To shield against attacks of this kind, Sophos says there are a few simple steps that all mobile users should take.

“To avoid falling prey to such malicious apps, users should only install apps from trusted sources such as Google Play and Apple’s app store. Developers of popular apps often have a website, which directs users to the genuine app and, if they have the skills to do so, users should verify if the app they are about to install was created by its actual developer,” said Jagadeesh Chandraiah, Senior Threat Researcher at Sophos.

“Last, but not least, if something seems risky or too good to be true – such as high returns on investment or someone from a dating site asking you to transfer money or cryptocurrency assets into some ‘great’ account – then sadly it probably is.”

Joel Khalili
Joel Khalili
News and Features Editor

Joel Khalili is the News and Features Editor at TechRadar Pro, covering cybersecurity, data privacy, cloud, AI, blockchain, internet infrastructure, 5G, data storage and computing. He's responsible for curating our news content, as well as commissioning and producing features on the technologies that are transforming the way the world does business.

Read more
Android phone malware
Screen reading malware found in iOS app stores for first time - and it might steal your cryptocurrency
Malware worm
Coordinated global mobile malware campaign targets banking apps and cryptocurrency platforms
A close-up photo of an iPhone, with the App Store icon prominent in the center of the image.
App stores are increasingly becoming a major security worry
mobile phone
Popular Android financial help app is actually dangerous malware
DeepSeek
Fake DeepSeek installers are infecting your device with dangerous malware
An Android phone being held in the hand
These malicious Android apps were installed over 60 million times - here's how to stay safe
Latest in Security
Code Skull
Interpol operation arrests 300 suspects linked to African cybercrime rings
Insecure network with several red platforms connected through glowing data lines and a black hat hacker symbol
Multiple H3C Magic routers hit by critical severity remote command injection, with no fix in sight
An abstract image of a lock against a digital background, denoting cybersecurity.
Critical security flaw in Next.js could spell big trouble for JavaScript users
Microsoft
"Another pair of eyes" - Microsoft launches all-new Security Copilot Agents to give security teams the upper hand
Lock on Laptop Screen
Medusa ransomware is able to disable anti-malware tools, so be on your guard
An abstract image of digital security.
Fake file converters are stealing info, pushing ransomware, FBI warns
Latest in News
Samsung Galaxy S25 from the front
The Now Bar on Samsung One UI 7 is about to get a lot more useful – and could soon match Live Activities on iOS
Marvel Rivals
Marvel Rivals will get two new hero skins for Moon Knight and Black Panther this week meaning I'll now need to farm even more Units
Netflix Ads
Netflix adds HDR10+ support – great news for Samsung TV owners, but don't expect LG and Sony to do the same any time soon
Klipsch Klipschorn AK7 in a room with lots of dark wood furniture and a bare brick wall
Klipsch just updated two of its most iconic stereo speaker designs, keeping these beautiful retro icons on your most-wanted list
FiiO FX17 IEMs
Our favorite budget audiophile brand unveils wired earbuds with 26(!) drivers, electrostatic units, USB-C ultra-Hi-Res Audio, and a not-so-budget price
Nvidia RTX 5080 against a yellow TechRadar background
RTX 5080 24GB version teased by MSI - is it time to admit that 16GB isn't enough for 4K?
More about security
Code Skull

Interpol operation arrests 300 suspects linked to African cybercrime rings
An abstract image of a lock against a digital background, denoting cybersecurity.

Critical security flaw in Next.js could spell big trouble for JavaScript users
The Surface Laptop 7 on a cyan background with a TechRadar deals badge.

This Windows laptop is 31% off in Amazon's Spring Sale and we scored it 5 stars – so why is Amazon putting a warning label on it?
See more latest
Most Popular
Marvel Rivals
Marvel Rivals will get two new hero skins for Moon Knight and Black Panther this week meaning I'll now need to farm even more Units
Klipsch Klipschorn AK7 in a room with lots of dark wood furniture and a bare brick wall
Klipsch just updated two of its most iconic stereo speaker designs, keeping these beautiful retro icons on your most-wanted list
Samsung Galaxy S25 from the front
The Now Bar on Samsung One UI 7 is about to get a lot more useful – and could soon match Live Activities on iOS
A close up of the PlayStation symbol at the top of a PS5 Slim console with a white brick background
Sony has dropped a new PS5 update, improving activities and adding more emoji support
Netflix Ads
Netflix adds HDR10+ support – great news for Samsung TV owners, but don't expect LG and Sony to do the same any time soon
Nvidia RTX 5080 against a yellow TechRadar background
RTX 5080 24GB version teased by MSI - is it time to admit that 16GB isn't enough for 4K?
Google Pixel 9a being held, from the back
The Google Pixel 9a’s mysterious delay may have just been explained
Nintendo Sound Clock: Alarmo
Nintendo Sound Clock: Alarmo gets new update with more customizable features ahead of the Switch 2 Direct
Code Skull
Interpol operation arrests 300 suspects linked to African cybercrime rings
FiiO FX17 IEMs
Our favorite budget audiophile brand unveils wired earbuds with 26(!) drivers, electrostatic units, USB-C ultra-Hi-Res Audio, and a not-so-budget price