Scammers are bypassing Apple’s App Store security, stealing thousands of dollars’ worth of cryptocurrency from the unwitting, using the TestFlight and WebClips programs.
For about a year now, crypto-traders and lovelorn singles alike have been losing their money to CryptoRom, a malware campaign that combines catfishing with crypto-scamming.
According to research from Sophos, CryptoRom’s perpetrators have now improved their techniques. They’re leveraging new iOS features – TestFlight and WebClips – to get fake apps onto victims’ phones without being subject to the rigorous app store approval process.
Successful CryptoRom scams have resulted in five-, six- and even seven-figure losses for victims.
Read more: threatpost.com