‘Pig Butchering’ Trading Apps Found Lurking on Google Play and App Store

October 4, 2024 0
Lore Apostol


Created using Copilot | Powered by DALL.E 3
  • Several apps impersonating legitimate trading companies were discovered on the Android and Apple app stores.
  • Via “pig butchering” scams, hackers trick victims who install their counterfeit apps into investing money they will never see again.
  • Cybercriminals rely on phishing websites and social engineering, promising high investment returns.

A new wave of “pig butchering” scams infiltrated Google Play and Apple's App Store. These fraudulent trading apps enticed victims with promises of high investment returns, only to defraud them of their funds, as per cybersecurity firm Group-IB.

Essentially, these apps are designed to steal users' funds by tricking them into investing via false versions of real trading and cryptocurrency platforms. This type of attack works by directing unsuspecting users to a counterfeit version of a legitimate trading app through phishing links or fake advertisements.

This type of scam not only results in financial loss but also exposes victims to identity theft, given the sensitive documents requested by the fraudulent apps, as people are asked to upload identification documents, such as an ID card or passport, as well as personal information and job-related details.

Fraud steps (Source: Group-IB)

Recent investigations identified several fake trading apps operating under the guise of legitimate financial tools. These apps, including SBI-INT (iOS), Finans Insights (Android), and Finans Trader6 (Android), were downloaded thousands of times before their removal from official app stores.

Group-IB classifies these applications under the “UniShadowTrade” malware family, which is built using the UniApp framework. The apps impersonated legitimate trading and cryptocurrency platforms, deceiving users into uploading sensitive documents and diverting them to sham trading platforms accessible only via invitation codes.

Victims, lured by the promise of substantial investment returns, unknowingly contributed funds that were swiftly redirected to the fraudsters' accounts.

In other recent news, an app mimicking the legitimate WalletConnect went undetected on the Play Store, luring more than 150 victims via fake reviews and high-ranking search results. The cybercriminals stole around $70,000 over the course of five months.

Written by David Minister

Written by ODD Balls

Related Articles

Jailbreak Firestick in Seconds and Install Any App
FAQ

Jailbreak Firestick in Seconds

December 2, 2019 6

Jailbreak Firestick in Seconds and Install Any App The guide below shows you how easy it is to jailbreak Firestick hardware from Amazon so that you can install third-party applications quickly and easy. All Amazon […]

No Picture
Reviews

Sydantenn Play

August 14, 2018 0

Sydantenn Play is for you who are a customer at Sydantenn with digital TV subscription. What play services you have access depend on which TV packages you subscribe to. With Sydantenn Play you can watch […]

Be the first to comment

Leave a Reply

Your email address will not be published.


*