Researchers have observed CryptoRom fraudsters refining their techniques, including adding a ChatGPT-like AI chat tool to their toolset to trick users into scams, a new report said on Monday.

According to the cybersecurity firm Sophos, scammers were able to sneak seven new fake cryptocurrency investment apps into the official Apple App Store and Google Play store, widening the pool of potential victims.

The researchers first learned of CryptoRom scammers using the AI chat tool — most likely ChatGPT — when a conned victim reached out to the team.

After contacting the victim on Tandem, a language-sharing app that has also been used as a dating app, the scammer convinced the victim to move their conversation to WhatsApp. The victim became suspicious after he received a lengthy message that was clearly partly written by an AI chat tool using a large language model (LLM), the report said.

“Since OpenAI announced the release of ChatGPT, there has been broad speculation that cybercriminals may use the program for their own malicious activities. We can now say that, at least in the case of pig butchering scams, this is, in fact, happening,” said Sean Gallagher, principal threat researcher at Sophos.

The researchers also uncovered a new scammer tactic designed to extort additional money. Traditionally, when victims of CryptoRom scams attempt to cash in on their “profits”, fraudsters will tell them they need to pay a 20 percent tax on their funds before completing any withdrawals. However, a recent victim revealed that after paying the “tax” to withdraw money, the fraudsters said the funds had been “hacked” and they would need another 20 percent deposit before receiving the funds, according to the report.

Upon further investigation, the experts found seven fake cryptocurrency investment apps in the official Google Play and Apple App stores. These apps have seemingly benign descriptions in the app stores (BerryX, for example, claims to be reading-related).

However, as soon as users open the app, they are met with a fake crypto-trading interface, the report mentioned.