Watch out! Pig Butchering Scam Targets Android and iPhone Users


 Pig butchering scams that promise huge profits from cryptic crypto investments have begun to infiltrate the Google Play Store and Apple App Store. Android and iPhone users are asked to be more careful.

The pig butchering scam has actually been going on for years. This form of fraud usually involves fake websites and advertisements to social engineering. By using fraudulent applications circulating on official app stores, fraudsters can gain the victim's trust more easily.


A cybersecurity researcher from Sophos said pig butchering scammers usually target male users on Facebook or Tinder. Sophos came across this scam campaign originating from the 'ShaZhuPan' group from China.


Fraudsters usually use profile photos of beautiful women to trick victims, and display photos of lavish lifestyles. After gaining the victim's trust, the scammers then say that they have an uncle who works for a financial analysis company.


The victim was then invited to buy cryptocurrency through a fake application called BitScan on the Play Store, as well as Ace Pro and MBM_BitScan on the App Store. The scammer then guides the victim to first open a deposit on the Binance crypto exchange platform, then gets transferred to the fake app.



This fraudulent application initially allows victims to withdraw their crypto investments in small amounts to make victims more trusting. But after the nominal gets bigger, the victim's account will be locked.


To be able to infiltrate the App Store, the ShaZhuPan group initially connects the application with a 'good' server until it gets approval from Apple. After passing the review, the fraudster then changes the domain and connects the application to the "malicious" server.


After opening the application, the victim will see a crypto trading application-style interface sent from a malicious server. However, all the information displayed on the interface is a hoax, except for the victim's deposit.


Since these fraudulent apps were only downloaded by a small number of users who were victims, not many reported these apps for fraudulent acts. Google and Apple also find it difficult to recognize and kick this fraudulent application from their application store, as quoted from Bleeping Computer, Sunday (5/2/2023).


Sophos says the popularity of fintech services makes it easier for consumers to trust apps like these. Moreover, the fraudulent application made it into the Google Play Store and Apple App Store.


For this reason, Android and iPhone users are asked to be careful before installing new applications. Always check reviews and comments from other users, view privacy policies, details about the developer, and information about the company.

Previous Post Next Post

Contact Form