CryptoRom scammers have struck once again, this time using Apple’s TestFlight software pre-release system to distribute malicious applications to vulnerable iPhone users.
Initially discovered in 2021, CryptoRom used a combo of social media, dating apps, cryptocurrency, and abused Apple’s Enterprise Developer program to steal $1.4 million from users. The malware is now trying to infiltrate Apple’s TestFlight app.
The latest report comes from Sophos, an English security software and hardware company, which claims the issue is affecting both Android and iPhone devices.
The current version of the malware uses the distribution of fake cryptocurrency applications to both iOS and Android.
The TestFlight app is usually used by developers to launch beta versions of their applications before releasing the final product on the App Store. The service is invaluable to users and allows developers to receive feedback and bug reports.
However, applications posted to TestFlight are not subject to the same rigorous oversight as other applications published to the App Store. This allows scammers to drive users into installing a malicious app, follow a simple link and load harmful content onto their devices.
Apple has requested users to not download any application or software from unknown sources, especially links sent through TestFlight.
Get the latest tech news, telecom insights, and product launches wherever you prefer.
Add ProPakistani to Preferred Sources and see more of our stories in Google Search and Top Stories.