With investments in cryptocurrencies gaining popularity worldwide as a method to earn extra income, cybercriminals are also adopting new tactics to defraud people. This time, they have targeted the official Apple Store and Google Play Store.
A recent report by cybersecurity firm Sophos states that researchers have discovered that CryptoRom fraudsters have integrated an AI chat tool similar to ChatGPT into their toolkit to effectively deceive users.
These scammers have introduced seven fraudulent cryptocurrency investment apps through which they are carrying out their illicit activities. Typically, any mobile application available on the official Apple App Store and Google Play Store is considered safe from a security standpoint. This development escalates the potential risk for victims who might fall prey to their schemes.
The initial discovery of CryptoRom scammers utilizing the AI chat tool, likely resembling ChatGPT, happened when a victim who had been swindled reached out to the research team. The victim had interacted with the scammer through Tandem, a language-sharing app that has also been misused as a dating platform. Subsequently, the scammer persuaded the victim to continue the conversation on WhatsApp. Suspicions arose when the victim received an extensive message that seemed to be partially generated by an AI chat tool using a large language model (LLM), as outlined in the report.
"Since OpenAI announced the release of ChatGPT, there has been widespread speculation that cybercriminals might exploit the program for malicious activities. We can now confirm that, at least in the case of scams like these, this is indeed occurring," said Sean Gallagher, Principal Threat Researcher at Sophos.
Furthermore, the researchers uncovered a novel strategy employed by scammers to extract additional funds. Traditionally, victims ensnared by CryptoRom scams, who attempt to withdraw their supposed "profits," are instructed by the fraudsters to pay a 20 percent tax on their funds before completing any withdrawals. However, a recent victim disclosed that after complying with the "tax" payment for the withdrawal, the scammers alleged that the funds had been compromised due to a "hack." As a result, the victim was coerced into providing another 20 percent deposit to regain access to their funds, as detailed in the report.
Delving deeper into their investigation, the experts revealed the presence of seven counterfeit cryptocurrency investment applications within the official Apple App Store and Google Play Store. These apps feature seemingly innocent descriptions in the app stores; for instance, one app named "BerryX" claims to be related to reading. Yet, upon launching these apps, users are confronted with a fabricated crypto-trading interface, as detailed in the report.
This is not the first instance when AI is being used by the cyber criminals. A report by the home grown cyber security firm Cloudsek published on March 13 claimed that hackers are increasingly using AI tools to spread malware and such activities rose nearly 300% each month since November 2022.
Attackers are targeting both popular and barely active accounts in a bid to spam such videos on YouTube, the report further said.