Numerous threat actors have been engaging in pig-butchering scams that involve lures of a romantic relationship or friendship in an effort to exfiltrate targets' cash over the past 18 months, according to CyberScoop.
Hong Kong-based threat actors were noted by Sophos Senior Researcher Sean Gallagher to have deployed such a scam that lured its targets into downloading a fake version of the Russian trading app MetaTrader 4 that requires personal data and documents for registration. Such an account is then used as a repository for the cash transferred by the target.
MetaTrader 4, which has also been used in previous scams, has already been removed from both Apple and Google app stores.
Meanwhile, a Cambodia-based Chinese fraud ring also engaged in a similar scam using the TradingView app, which was observed to have collected nearly $500,000 in cryptocurrency in the course of a month.
Google, Apple, and other companies have already been informed by Sucuri regarding such attacks.