Bitcoin scams target Tinder users
Cryptocurrency scammers are targeting iPhone users through dating applications such as Tinder, Grindr, and Bumble, according to information security firm Sophos.
The company says it identified a Bitcoin wallet containing tokens worth $1.4 million (R20.4 million) collected through dating app scams.
“This is just one bitcoin address, the tip of the iceberg. There could be several, with millions being lost,” said Jagdeesh Chandraiah, a senior threat researcher at Sophos.
“Once they’ve made contact with a target, the attackers suggest continuing the conversation on a messaging platform,” Chandraiah said.
“They then try to persuade the target to install and invest in a fake cryptocurrency trading app.”
The malicious cryptocurrency trading apps are distributed via fake websites, and scammers can take control of the victim’s iPhone by accessing their profiles on the fraudulent apps.
According to Sophos’s report, a victim had lost $87,000 (R1,269,717.00) in one instance, while another had lost $25,000 (R365,000) to a scammer who had contacted them through Grindr.
Victims of these scams have their personal information compromised in addition to being ripped off.
Sophos said that Apple should warn users installing apps through ad-hoc distribution or enterprise provisioning systems that it has not reviewed those applications as it does with regular apps on the App Store.
This will help mitigate the risk of these scams targeting less sophisticated users of iOS devices, Chandraiah said.
“We have shared details of the malicious apps and infrastructure with Apple, but we have not yet received a response from them,” said Chandraiah.