A recent report from cybersecurity firm Group-IB reveals a widespread scam operation where hackers use counterfeit trading apps to steal money from users on iPhones and Android devices. These deceptive applications, found on both Google Play and the Apple App Store, have ensnared thousands of victims before their detection and removal from the platforms.
Experts advise users to uninstall any suspicious trading apps from their smartphones immediately.
The report identifies these fraudulent applications as part of the “UniShadowTrade” malware family. Positioned as legitimate trading platforms, these apps entice users into investing through a scam known as “Pig Butchering,” Times of India reported.
Also read: YouTube Shorts says goodbye to the 60-second limit—allowing 3-minute-long vertical videos
What is the “Pig Butchering” Scam
“Pig Butchering” scams involve building trust with victims over time, often through interactions on social media or dating platforms. Once trust is established, scammers introduce victims to a fake investment opportunity, encouraging them to deposit funds onto a fraudulent platform that displays fake returns. When victims try to withdraw their supposed profits, they find that their money has disappeared and the scammers are unreachable.
Also read: Apple opening 4 more official stores in India at these locations, to begin selling made in India iPhone 16 Pro soon
Details of the Fake Trading Apps
Group-IB researchers noted that the UniShadowTrade apps, built using the UniApp framework, first surfaced in May. The fraudulent app for iOS was named “SBI-INT,” while Android users encountered apps called “Finans Insights” and “Finans Trader6.” Before being taken down, these applications accumulated over 5,000 downloads on Android.
Methods Used by Hackers to Deceive Users
Initially, the apps disguised themselves as legitimate financial tools. On iOS, the SBI-INT app claimed to provide assistance with algebraic mathematical formulas and 3D graphics calculations. The Android versions presented themselves as financial news aggregators. After installation, the apps redirected users to fake trading platforms that required invitation codes for access.
Also read: WhatsApp gets another Instagram-like feature, you can now tag on Status updates
Hackers employed social engineering techniques to manipulate users, often grooming them through conversations on dating platforms to gain their trust. The fraudulent apps also requested sensitive documents, such as national IDs and passports, further masquerading as legitimate entities while simultaneously collecting personal information.
While the fraudulent apps have been removed from app stores, hackers have reportedly transitioned to phishing websites, continuing to exploit unsuspecting users. Group-IB warns that the UniShadowTrade apps can replicate various legitimate cryptocurrency and trading platforms, urging users to remain vigilant against potential scams.