Title: Security Experts Uncover Malicious BOM App That Steals Millions in Cryptocurrency
Introduction
In a major security breach affecting cryptocurrency users, blockchain security experts have revealed the existence of a malicious mobile application that has successfully siphoned off over $1.8 million worth of digital assets. The fraudulent app, dubbed BOM, was designed to extract sensitive wallet information from users’ devices, enabling cybercriminals to execute unauthorized transactions.
Discovery of the Malicious App
According to a February 27 research report by leading blockchain security firms, SlowMist and OKX Web3 Security, the first signs of unauthorized transactions linked to the BOM app appeared on February 14. The app was able to compromise users’ private keys and mnemonic phrases, which are critical for accessing their cryptocurrency wallets.
How the App Operated
Analysis of the app's behavior revealed troubling practices. The BOM app requested access to users' files and media, permissions that no legitimate blockchain wallet application needs. Security experts labeled this "highly suspicious" behavior. On iOS devices, for instance, the app misled users by falsely claiming that such access was essential for its normal operation.
“It has no legitimate reason to require access to the photo gallery,” commented a representative from SlowMist, underscoring the deceptive tactics employed by the app’s creators.
Once the permission was granted, the BOM app scanned the device's files and media for wallet data, in particular private keys and mnemonic phrases, and relayed whatever it found to a remote server controlled by the attackers.
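The permission request is the part of this scheme a user or reviewer can check before installing. The following added example (not code from SlowMist, OKX Web3 Security, or the BOM app itself) audits the permissions a wallet app declares, parsing an Android manifest with ElementTree and an iOS Info.plist with plistlib, and flags any file, media, or contacts access. The lists of "expected" and "red-flag" permissions are the author's assumptions about what a non-custodial wallet legitimately needs; the manifest and plist are constructed samples that mimic the behavior described above.

```python
"""Audit the permissions a mobile wallet app declares and flag ones a wallet
has no legitimate need for (file, media, contacts, SMS access).

Added example; not code from SlowMist, OKX, or the BOM app. The allow and
red-flag lists are the author's assumptions about what a wallet app needs.
"""
import plistlib
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Permissions a non-custodial wallet plausibly needs (assumption).
ANDROID_EXPECTED = {
    "android.permission.INTERNET",
    "android.permission.CAMERA",          # QR-code scanning of addresses
    "android.permission.USE_BIOMETRIC",
    "android.permission.USE_FINGERPRINT",
    "android.permission.VIBRATE",
}
# Permissions that expose files, media or personal data; a red flag for a wallet (assumption).
ANDROID_RED_FLAGS = {
    "android.permission.READ_EXTERNAL_STORAGE",
    "android.permission.WRITE_EXTERNAL_STORAGE",
    "android.permission.MANAGE_EXTERNAL_STORAGE",
    "android.permission.READ_MEDIA_IMAGES",
    "android.permission.READ_MEDIA_VIDEO",
    "android.permission.READ_MEDIA_AUDIO",
    "android.permission.READ_SMS",
    "android.permission.READ_CONTACTS",
}
# iOS Info.plist usage-description keys with the same meaning (assumption).
IOS_EXPECTED = {"NSCameraUsageDescription", "NSFaceIDUsageDescription"}
IOS_RED_FLAGS = {
    "NSPhotoLibraryUsageDescription",
    "NSPhotoLibraryAddUsageDescription",
    "NSContactsUsageDescription",
    "NSDocumentsFolderUsageDescription",
}


def android_permissions(manifest_xml: str) -> list[str]:
    """Return the android:name of every <uses-permission> element in a manifest."""
    root = ET.fromstring(manifest_xml)
    return [el.get(ANDROID_NS + "name", "") for el in root.iter("uses-permission")]


def ios_usage_keys(info_plist: bytes) -> list[str]:
    """Return every *UsageDescription key declared in an Info.plist."""
    data = plistlib.loads(info_plist)
    return [key for key in data if key.endswith("UsageDescription")]


def classify(declared: set[str], expected: set[str], red_flags: set[str]) -> dict[str, list[str]]:
    """Split declared permissions into expected, red-flag and unknown buckets."""
    return {
        "expected": sorted(p for p in declared if p in expected),
        "red_flags": sorted(p for p in declared if p in red_flags),
        "unknown": sorted(p for p in declared if p not in expected | red_flags),
    }


def audit_android(manifest_xml: str) -> dict[str, list[str]]:
    return classify(set(android_permissions(manifest_xml)), ANDROID_EXPECTED, ANDROID_RED_FLAGS)


def audit_ios(info_plist: bytes) -> dict[str, list[str]]:
    return classify(set(ios_usage_keys(info_plist)), IOS_EXPECTED, IOS_RED_FLAGS)


# Constructed sample inputs: a "wallet" that also asks for photo/file access.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.wallet">
    <uses-permission android:name="android.permission.INTERNET"/>
    <uses-permission android:name="android.permission.CAMERA"/>
    <uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE"/>
    <uses-permission android:name="android.permission.READ_MEDIA_IMAGES"/>
    <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE"/>
</manifest>
"""

SAMPLE_PLIST = plistlib.dumps({
    "CFBundleIdentifier": "com.example.wallet",
    "NSCameraUsageDescription": "Scan QR codes to read wallet addresses.",
    # The kind of justification the article describes: vague and unnecessary.
    "NSPhotoLibraryUsageDescription": "Required for the app to function normally.",
})

if __name__ == "__main__":
    for platform, result in (("Android", audit_android(SAMPLE_MANIFEST)),
                             ("iOS", audit_ios(SAMPLE_PLIST))):
        print(platform)
        for bucket, perms in result.items():
            print(f"  {bucket}: {perms or '-'}")
```

On a real device the same check can be run against the manifest extracted from an APK (for example with `aapt dump permissions app.apk`) or against the Info.plist inside an IPA; anything landing in the red-flag bucket deserves the scrutiny the experts quoted here applied to BOM, and the "unknown" bucket is there so that an unfamiliar permission is surfaced rather than silently accepted.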
Victims and Financial Impact
SlowMist's investigation estimated that the BOM app affected approximately 13,000 victims, with the principal attacker's address identified as 0x49aDd3E. The stolen funds have been traced across several blockchains, including BNB Chain, Ethereum, Polygon, Arbitrum, and Coinbase's Base. The stolen assets include significant amounts of Tether (USDT), Ether (ETH), Wrapped Bitcoin (WBTC), and Dogecoin (DOGE).
In a disturbing twist, some of the stolen assets were subsequently swapped on decentralized exchanges such as PancakeSwap and OKX-DEX, further complicating efforts to trace and recover the funds.
Steps Taken for Analysis and Security
The investigation, led by SlowMist, combined on-chain tracing of the stolen funds with analysis of the app to determine how the wallet data was leaked. During this work, the app's backend services went offline, suggesting that the perpetrators may be taking steps to erase their tracks.
Conclusion
The revelation of the BOM app highlights the continuous threats faced by cryptocurrency users. As security experts continue to analyze the incident, it serves as a crucial reminder to scrutinize the permissions an app requests, to refuse file or media access to any wallet app, and to install applications only from verified sources. Anyone who installed BOM should assume that any private key or mnemonic phrase stored on the device has already been exfiltrated and move funds to a freshly generated wallet, since taking the attackers' backend offline does not undo the theft of that key material.