"Threat Actors Use Beta Apps to Bypass Mobile App Store Security"
The FBI has issued a warning about a new tactic used by cybercriminals to steal cryptocurrency. The tactic involves the promotion of malicious "beta" versions of cryptocurrency investment apps on mobile app stores. The threat actors submit the apps to mobile app stores as "betas," meaning they are in the early stages of development. They are meant to be used by tech enthusiasts or fans to test and provide feedback to developers before the software is officially released. The advantage of this method is that beta apps are not subjected to a standard, comprehensive code review process but are instead superficially inspected for safety. This less rigorous code review process is not enough to unearth the hidden malicious code that is activated post-installation to carry out a variety of hostile actions. This article continues to discuss threat actors using beta apps to bypass mobile app store security.
Bleeping Computer reports "Threat Actors Use Beta Apps to Bypass Mobile App Store Security"