Sophos X-Ops

Sophos X-Ops has uncovered new insights into the evolving tactics deployed by pig butchering scammers.

X-Ops encountered a #shazhupan #pigbutchering ring that is using generative text AI chat to communicate with its targets. Sophos’
@jag_chandra also found multiple additional fake crypto apps used by these rings that got past Apple and Google App Store review.

Aug 2, 2023 at 7:22pmWeb
Show threadSophos X-OpsAug 2, 2023
The scammer used a chatbot-likely ChatGPT- to generate responses to a target’s messages in a WhatsApp chat-but failed to edit out AI artifacts.
Show threadSophos X-OpsAug 2, 2023
Sophos also uncovered a new tactic to squeeze victims for additional funds beyond charging a 'tax' on their withdrawals. In one case, the scammers claimed that the victim’s account had been hacked, and they needed to deposit more money to verify their identity and get their funds "unstuck" from the blockchain.
Show threadSophos X-OpsAug 2, 2023

Developers of scam apps continue to use the same techniques to bypass App Store review, switching a pointer to interface code with a change to the server they fetch web code from. We found one fraud app used the same source as a previously discovered and reported app.

For more details see our full report here: https://news.sophos.com/en-us/2023/08/02/sha-zhu-pan-scam-uses-ai-chat-to-target-iphone-and-android-users/

Sha zhu pan scam uses AI chat tool to target iPhone and Android users

“CryptoRom” fake crypto-trading mobile apps pushed through AI-assisted romance scam, using ChatGPT to lure targets.

Sophos News
Show threadB-rad 🏳️‍🌈👨‍💻Aug 5, 2023
@SophosXOps does this use of LLMs mean they are preying on less vulnerable people in order to trap them into running their scams for them or does it just mean they are making their “workers” do more work?