CryptoRom fraudsters have refined their techniques by adding AI chat tools such as ChatGPT to their toolset to defraud iPhone and Android users, a new report by cybersecurity firm Sophos has revealed.
The report, titled “Sha Zhu Pan Scam Uses AI Chat Tool to Target iPhone and Android Users,” revealed that since May, scammers were able to sneak seven new fake cryptocurrency investment apps into the official Apple App and Google Play stores, increasing the pool of potential victims.
These apps have seemingly benign descriptions in the app stores (BerryX, for example, claims to be reading-related). However, as soon as users open the app, they are met with a fake crypto-trading interface.
The report noted that in 2022, investment fraud caused the highest losses of any scam reported by the public to the US FBI’s Internet Crime Complaint Center (IC3), totalling $3.31 billion in the US alone.
Frauds involving cryptocurrency, including pig butchering, represented most of these scams, increasing 183 per cent from 2021 to $2.57 billion in reported losses last year.
Speaking on the findings of the report, principal threat researcher at Sophos, Sean Gallagher, said that since OpenAI announced the release of ChatGPT, there has been broad speculation that cybercriminals may use the program for their own malicious activities, adding that Sophos can now say that, at least in the case of pig butchering scams, this is, in fact, happening.
“One of the main challenges for fraudsters with CryptoRom scams is carrying out convincing, sustained conversations of a romantic nature with targets; these conversations are mostly written by ‘keyboarders,’ who are primarily based out of Asia and have a language barrier. Using something like ChatGPT can be a more efficient and effective way to keep these conversations going, making the scams less labour intensive and more authentic. It also enables keyboarders to simultaneously engage with multiple victims at one time,” Gallagher further revealed.
He disclosed that Sophos X-Ops also uncovered a new scammer tactic designed to extort additional money, adding that, “Traditionally, when victims of CryptoRom scams attempt to cash in on their ‘profits,’ fraudsters will tell them they need to pay a 20 per cent tax on their funds before completing any withdrawals. However, a recent victim revealed that after paying the ‘tax’ to withdraw money, the fraudsters said the funds had been ‘hacked’ and they would need another 20 per cent deposit before receiving the funds.”
Prior to being able to get their apps into the Apple Store, CryptoRom fraudsters had to use an awkward technical workaround to target iOS users, which could alert their victims that something was amiss, the researcher said, adding, “Now, it’s much easier for them to target iPhone users, expanding their victim pool. These apps are also easy to recycle and reuse. In fact, the BerryX app appears related to the fake apps we discovered and blocked earlier this year.
“While we have alerted Google and Apple to these latest apps, it’s likely more will pop up. These fraudsters are ruthless. Today, they’re telling victims their accounts have been hacked to extort more money, but in the future, they’re likely to think of new methods of initial and double extortion.”
The company, therefore, advised users who are suspicious or think they may have been a victim to reach out to their security solutions provider.