As investments in cryptocurrencies grow in popularity worldwide, cybercriminals are adapting their tactics to defraud people. The latest target is the official Apple Store and Google Play Store.
According to a report by cybersecurity firm Sophos, researchers have discovered that CryptoRom fraudsters have incorporated an AI chat tool, resembling ChatGPT, into their toolkit to effectively deceive users.
The scammers have introduced seven fraudulent cryptocurrency investment apps through which they carry out their illicit activities. Typically, mobile applications available on the official Apple App Store and Google Play Store are considered secure. However, this development increases the potential risk for victims.
The initial discovery of CryptoRom scammers using the AI chat tool happened when a victim who had been swindled contacted the research team. The victim had interacted with the scammer through Tandem, a language-sharing app also misused as a dating platform. The scammer then convinced the victim to continue the conversation on WhatsApp. Suspicions arose when the victim received an extensive message that appeared to be partially generated using an AI chat tool.
Sophos Principal Threat Researcher Sean Gallagher confirmed that cybercriminals are exploiting programs like ChatGPT for malicious activities.
In addition to this new tool, researchers discovered a novel strategy employed by scammers to extract additional funds. Traditionally, victims are instructed to pay a 20 percent tax on their supposed profits before withdrawing their funds. However, one recent victim disclosed that after paying the “tax,” the scammers alleged that the funds had been hacked, coercing the victim into making another 20 percent deposit to regain access.
Further investigation revealed the presence of seven counterfeit cryptocurrency investment applications within the official app stores. These apps present innocent descriptions but, upon launch, reveal fabricated crypto-trading interfaces.
This is not the first time cybercriminals are utilizing AI. A report by cybersecurity firm Cloudsek found that hackers are increasingly using AI tools to spread malware, with activities rising nearly 300% each month since November 2022. Attackers are targeting both popular and inactive accounts to spam videos on YouTube.
Credit: Source link
