Thieves abused Apple's enterprise app programs to steal $1.4 million in crypto

Thieves have used a combination of social media, dating apps, cryptocurrency, and abuse of Apple's Enterprise Developer program to steal at least $1.4 million from unsuspecting victims.

A scam circulating for six months has evolved to impact iOS users. The CryptoRom fraud implementation is fairly straight-forward — after gaining a victim's trust through social media or existing data apps, users are fooled into installing a modified version of a cryptocurrency exchange, baited into investing, and then defrauded out of cash.After gaining the trust of the victim through the dating apps, scammers start discussing cryptocurrency investments. They are then directed to a website that looks like the Apple App Store, and then told to download a Mobile Device Management profile, giving control of a number of features, and the ability to use signed apps made by the fraudsters.

Read more...