FBI warns against threat actors using beta apps to steal money

Beta programs are an excellent way for developers to test their applications in real-world scenarios as it helps them identify and resolve bugs before a public release. However, according to a new report from the FBI, threat actors have started taking advantage of the relaxed security policies for beta apps to steal personal information and gain unauthorized access.

Taking advantage of Google’s relaxed security testing, threat actors design counterfeit beta apps that, at first glance, seem authentic. Once the app is up and running, the threat actors then send out phishing emails, luring unsuspecting victims to download the app embedded with malicious software. In some instances, cybercriminals even succeeded in persuading users to jailbreak their devices and permit installations from unofficial sources.

According to the report, the scam primarily focuses on cryptocurrency enthusiasts, luring them with promises of substantial investment returns via counterfeit trading apps. Upon downloading the app, the unsuspecting users are manipulated into sharing their online financial account credentials, under the impression that this information will be employed to oversee their investments. Unfortunately, the threat actors exploit this data to execute fund transfers.

How to spot such malicious apps?

To help people identify such beta apps, the FBI, in its report, has also highlighted the telltale signs of such malware on your device. These include rapid battery depletion, sluggish processing performance, and the abrupt appearance of unauthorized applications. Additionally, users should also be wary of installing apps from unfamiliar developers and always check user reviews, particularly those detailing excessive battery drainage or overheating concerns.

Moreover, in order to protect against cyberattacks, the FBI advocates refraining from clicking on suspicious links within emails, meticulously checking emails that prompt immediate action, and activating two-factor authentication (2FA).

However, should one, unfortunately, fall victim to such a scam, the FBI has established a system where victims can fill out a form, contributing to the broader endeavor of countering these cyber threats.