'Pig butchering': How cybercriminals target investors with fake trading apps
Cybersecurity firm Group-IB has discovered a number of fake trading apps on Google Play and Apple's App Store. The fake apps are part of a larger international scam called "pig butchering," an investment fraud that has allegedly stolen over $75 billion in the last four years. The scam tricks victims into making large investments, which are then drained by the fraudsters.
Scammers use social engineering to lure victims
The "pig butchering" scam isn't just for crypto enthusiasts. Scammers use sophisticated social engineering techniques, often building relationships on dating or social media platforms, to lure their victims. Once trust is established, victims are lured into downloading fake trading apps that appear real. Since May, Group-IB has detected multiple such fake apps masquerading as trading platforms on Google Play and the App Store.
Fraudulent apps exploit user trust for financial gain
The fraudulent apps, developed using the UniApp Framework and belonging to the UniShadowTrade malware family, often pretend to be tools for complex mathematical calculations or stock-related news. After registering and sharing sensitive information, users are encouraged to make deposits and later pressured into investing more money. But, this money can never be withdrawn. Despite some apps being removed, Group-IB says cybercriminals continue distributing them via phishing websites targeting both Android and Apple users.
Global impact and rise of investment scams
Victims of these schemes are spread across Asia-Pacific, Europe, and the Middle East. The rise of these fake apps represents an escalation in the tactics of fraudsters in the investment sector. They have also been known to trick people into transferring money through Bitcoin ATMs and impersonating popular retail websites as part of their scams.
