cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

Sophos uncovers 167 fraudulent crypto and finance apps

UK cyber security company Sophos has uncovered 167 fake cryptocurrency and finance apps, with a number of imitation websites purporting to be trusted brands to steal users’ money.

user icon Liam Garman
Wed, 19 May 2021
Sophos uncovers 167 fraudulent crypto and finance apps
expand image

Following an extensive investigation, UK-based cyber security firm Sophos revealed that it had found 167 fraudulent apps across both Apple and Android platforms, which presented themselves as legitimate cryptocurrency and financial trading apps to steal users' money. Some of these apps even purported to be from trustworthy organisations.

The firm detailed their findings in the article “Fake Android and iOS apps disguised as trading and cryptocurrency apps”, which demonstrated how the malicious actors wielded imitation websites with app download links to trick users. To build up the legitimacy of the websites, Sophos revealed that many of the sites even included chat options.

Interestingly, many of these websites contained a similar layout and the while the chat options used similar language.


“Sophos researchers investigated the fake apps and found that many were very similar. Some included an embedded customer support 'chat' option. When researchers tried to communicate with the support teams using the chat, the replies they received used near-identical language. The researchers also uncovered a single server loaded with 167 fake trading and cryptocurrency apps. Taken together, this suggests that the scams could all be operated by the same group,” the statement from Sophos said.

However, the scams were not just limited to bogus websites, with malicious actors also creating an imitation app store and scamming people on dating apps.

Jagadeesh Chandraiah, senior threat researcher at Sophos, outlined that many scammers are hiding behind legitimate brands to take advantage of people.

“People trust the brands and people they know – or think they know – and the operators behind these fake trading and cryptocurrency scams ruthlessly take advantage of that. The fake applications we uncovered impersonate popular and trusted financial apps from all over the world, while the dating site sting begins with a friendly exchange of messages to build trust before the target is asked to install a fake app. Such tactics make the fraud seem very believable,” he said.

“To avoid falling prey to such malicious apps, users should only install apps from trusted sources such as Google Play and Apple’s app store. Developers of popular apps often have a web site, which directs users to the genuine app and, if they have the skills to do so, users should verify if the app they are about to install was created by its actual developer. Last, but not least, if something seems risky or too good to be true – high returns on investment or someone from a dating site asking you to transfer money or cryptocurrency assets into some ‘great’ account – then sadly it probably is.”

The booming cryptocurrency market has provided a lucrative option for upstart scammers.

Liam Garman

Liam Garman

Liam Garman is the editor of leading Australian security and defence publications Cyber Daily and Defence Connect. 

Liam began his career as a speech writer at New South Wales Parliament before working for world leading campaigns and research agencies in Sydney and Auckland. Throughout his career, Liam has managed and executed a range of international media and communications campaigns spanning politics, business, industrial relations and infrastructure. He’s since shifted his attention to researching and writing extensively on geopolitics and defence, specifically in North Africa, the Middle East and Asia. He holds a Bachelor of Commerce from the University of Sydney and a Masters of Strategy and Security from UNSW Canberra, with a thesis on postmodernism and disinformation operations. 

cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.