Researchers have discovered that CryptoRom fraudsters have been refining their techniques in order to deceive users into falling for scams. According to cybersecurity company Sophos, scammers have managed to introduce seven new fake cryptocurrency investment apps into the official Apple App Store and Google Play Store, thereby increasing the potential number of victims.
Sophos became aware of the CryptoRom scammers’ utilization of an AI chat tool, possibly ChatGPT, when a victim who had been scammed reached out to their team. The victim had initially been contacted on Tandem, a language-sharing app that has also been utilized as a dating app. The scammer convinced the victim to continue their conversation on WhatsApp. However, suspicions arose when the victim received a lengthy message that clearly seemed to be partly generated by an AI chat tool employing a large language model.
Sean Gallagher, Principal Threat Researcher at Sophos, stated, “Since OpenAI announced the release of ChatGPT, there has been speculation that cybercriminals might utilize the program for malicious activities. We can now confirm that, at least in the case of pig butchering scams, this is indeed occurring.”
In addition, the researchers discovered a new tactic employed by scammers to extort additional funds. Normally, when victims of CryptoRom scams attempt to withdraw their “profits,” the fraudsters request a 20% tax payment on the funds before completing the withdrawal. However, a recent victim disclosed that after paying the “tax” for the withdrawal, the scammers claimed that the funds had been “hacked,” requiring an additional 20% deposit in order to receive the funds.
Further investigation revealed the presence of seven fake cryptocurrency investment apps in the official Google Play and Apple App stores. These apps have seemingly harmless descriptions (e.g. BerryX claims to be reading-related), but once opened, users are confronted with a fake crypto-trading interface.