Security News > 2022 > March > ‘CryptoRom’ Crypto-Scam is Back via Side-Loaded Apps
They're leveraging new iOS features - TestFlight and WebClips - to get fake apps onto victims' phones without being subject to the rigorous app store approval process.
According to a Sophos report last fall, the attackers' M.O. is to begin there, then move the conversation to messaging apps.
A crucial component to the CryptoRom attack flow is those fake apps.
The first, TestFlight, is a feature developers can use to distribute beta versions of their apps to testers.
Apps also look"More legitimate when distributed with the Apple Test Flight App," researchers added "The review process is also believed to be less stringent than App Store review."
Even more so than TestFlight, CryptoRom attackers have been using WebClips, a feature that allows web links to be added to the iOS home screen like regular apps.
News URL
https://threatpost.com/cryptorom-crypto-scam-side-loaded-apple-apps/178942/