Pig Butchering Alert: Fraudulent Trading App targeted iOS and Android users

Oct. 4, 2024, 12:42 p.m.

Description

A large-scale fraud campaign involving fake trading apps targeting Apple iOS and Android users across multiple regions has been uncovered. The apps, developed using the UniApp framework, were distributed through official app stores and phishing sites. Unlike conventional mobile trojans, these apps lack typical malicious features, instead creating a facade of legitimate trading platforms to defraud victims. The scam, known as pig butchering, involves cybercriminals luring victims into fraudulent investment schemes, often through social engineering tactics. Victims are tricked into funding bogus trading accounts, ultimately losing their money. The fraudulent apps have been classified under a single malware family dubbed UniShadowTrade, providing multi-language support and targeting victims globally.

External References

https://www.group-ib.com/blog/pig-butchering/
https://otx.alienvault.com/pulse/66ffc31e1ea2ee974286e2c5
Tags
ios
social engineering
android
cross-platform
2024-10-04
pig butchering
uniapp
fraudulent trading apps
unishadowtrade
goldpickaxe

Date

  • Created: Oct. 4, 2024, 10:27 a.m.
  • Published: Oct. 4, 2024, 10:27 a.m.
  • Modified: Oct. 4, 2024, 12:42 p.m.

Indicators

  • e817c2f94aefbcba5fbb46f406a21d2ca3b0173b261356b0270787855b4d3ae0
  • www.yupstocks.com
  • www.upstoxcalculator.com
  • http://www.yupstocks.com/h5/#/login
  • http://www.REDACTED.com/h5
  • http://a.gold-blockchain.cc/app/home/getH5
  • api.fxbrokers.cc
  • a.gold-blockchain.cc
  • gold-blockhain.cc
Download all indicators here!

Attack Patterns

  • UniShadowTrade
  • GoldPickaxe

Additional Informations

  • Finance