Tinder and Bumble users targeted by major iOS crypto scam

News
By
published

The scam could cause victims to lose more than just their cryptos

An illustration of Bitcoin with a financial value graph
(Image credit: eToro)

Cybersecurity researchers have shared insights into a cryptocurrency trading scam that attacks iPhone users through popular dating platforms such as Bumble and Tinder.

Named CryptRom by researchers at Sophos, the scam first targeted people in Asia, and is now attacking users in the US and Europe as well.

A Bitcoin wallet belonging to the attackers reveals that the threat actors have minted nearly $1.4 million in cryptos from the scam.

TechRadar needs you!

We're looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.

>> Click here to start the survey in a new window <<

“The CryptoRom scam relies heavily on social engineering at almost every stage,” said Jagadeesh Chandraiah, senior threat researcher at Sophos, adding that the novel scam has the potential of doing a lot more damage than just stealing cryptos.

Gateway to scams

Unraveling the scam, Sophos says the threat actors begin by posting fake profiles on legitimate dating sites to lure in victims. Once baited, the victims are then persuaded to install and invest in a fake cryptocurrency trading app. 

“At first, the returns look very good but if the victim asks for their money back or tries to access the funds, they are refused and the money is lost,” the researchers share.

The threats however don’t just end with the lost cryptos. Sophos notes that the threat actors use Apple’s enterprise signature mechanism to install apps directly on iOS devices circumventing the App Store.

Enterprise signature is designed for use by iOS developers to enable app developers to test iOS apps before submitting them to the official Apple App Store for review and approval. 

“Until recently, the criminal operators mainly distributed the fake crypto apps through fake websites that resemble a trusted bank or the Apple App Store. The addition of the iOS enterprise developer system introduces further risk for victims because they could be handing the attackers the rights to their device and the ability to steal their personal data,” said Jagadeesh Chandraiah, senior threat researcher at Sophos.

Sophos believes the threat actors use the fake crypto trading app to gain remote management control over the devices of their victims, which exposes them to all kinds of malicious campaigns.

Mayank Sharma
Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

Read more
Android phone malware
Screen reading malware found in iOS app stores for first time - and it might steal your cryptocurrency
Representational image depecting cybersecurity protection
Fake video conferencing apps are targeting Web3 workers to steal their data
Smartphone with new logo X twitter app background. Application twitter old blue bird change X black and white new.
Phishing campaign targets prominent X users, accounts at risk
Malware worm
Coordinated global mobile malware campaign targets banking apps and cryptocurrency platforms
ransomware avast
Ransomware, deepfakes, and scams: the digital landscape in 2024
An iPhone sitting on a wooden table
Millions at risk as malicious PDF files designed to steal your data are flooding SMS inboxes - how to stay safe
Latest in Security
Webex by Cisco banner on a Chromebook
Cisco warns some Webex users of worrying security flaw, so patch now
Red padlock open on electric circuits network dark red background
AI-powered cyber threats are becoming the biggest worry for businesses everywhere
Woman using iMessage on iPhone
Apple to take legal action against British Government over backdoor request
Red padlock open on electric circuits network dark red background
Aviaton firms hit by devious new polyglot malware
A laptop with a red screen with a white skull on it with the message: &quot;RANSOMWARE. All your files are encrypted.&quot;
Major ransomware attack sees Tata Technologies hit - 1.4TB dataset with over 730,000 files allegedly stolen
Image of laptop infected with malware
Ransomware criminals are now sending their demands...by snail mail?
Latest in News
AMD Ryzen 9950X
Ryzen CPUs are the cheapest Zen 5 cores you can buy, but I was surprised to see this AMD 192-core CPUs on the value leaderboard
A hand holding a phone showing the Android Find My Device network
Android's Find My Device can now let you track your friends – and I can't decide if that's cool or creepy
Insta360 X4 360 degree camera without lens protector
Leaked DJI Osmo 360 image suggests GoPro and Insta360 should be worried – here's why
A YouTube Premium promo on a laptop screen
A cheaper YouTube Premium Lite plan just rolled out in the US – but you’ll miss out on these 4 features
Viaim RecDot AI true wireless earbuds
These AI-powered earbuds can also act as a dictaphone with transcription when left in their case
The socket interface of the Intel Core Ultra processor
Intel unveils its most powerful AI PCs yet - new Intel Core Ultra Series 2 processors pack in vPro for lightweight laptops and high-performance workstations alike
More about security
Webex by Cisco banner on a Chromebook

Cisco warns some Webex users of worrying security flaw, so patch now
Image of laptop infected with malware

Ransomware criminals are now sending their demands...by snail mail?
AMD Ryzen 9950X

Ryzen CPUs are the cheapest Zen 5 cores you can buy, but I was surprised to see this AMD 192-core CPUs on the value leaderboard
See more latest
Most Popular
AMD Ryzen 9950X
Ryzen CPUs are the cheapest Zen 5 cores you can buy, but I was surprised to see this AMD 192-core CPUs on the value leaderboard
Thanko monitor
At 11lbs, this double 24-inch 'portable' monitor is a bit too much for me but I love the audacity
Rocket Enterprise SSD
Sabrent launches its first 30.72TB SSD, but like all the others, you won't be able to run it on your PC (or buy it on Amazon)
Volkswagen ID.EVERY1 Concept Car
Volkswagen reveals the ID.1 concept car, which will spawn its cheapest all-electric model to date
Eurocom Raptor X17
This $12,000 laptop comes with 24TB RAID-0 SSD storage, 128GB of RAM, and Intel's most powerful mobile CPU - but no Nvidia RTX 5090M GPU
BYD Ling Yuan DJI Drone launcher
BYD’s new roof-mounted DJI drone launchpad looks like a dream for filming road trips – but less so for car safety
An AI face in profile against a digital background.
'Simulating scientists': A new AI tool wants to make serendipitous scientific discovery less human
A hand holding a phone showing the Android Find My Device network
Android's Find My Device can now let you track your friends – and I can't decide if that's cool or creepy
Webex by Cisco banner on a Chromebook
Cisco warns some Webex users of worrying security flaw, so patch now
A YouTube Premium promo on a laptop screen
A cheaper YouTube Premium Lite plan just rolled out in the US – but you’ll miss out on these 4 features