TLDR
Pig butchering ('CryptoRom') operations distribute fake trading apps via Apple TestFlight (beta testing channel that bypasses App Store review) or via .mobileprovision enterprise profiles. Victim adds the app from a TestFlight invite link,...
How it works
Pig butchering ('CryptoRom') operations distribute fake trading apps via Apple TestFlight (beta testing channel that bypasses App Store review) or via .mobileprovision enterprise profiles. Victim adds the app from a TestFlight invite link,...
Red flags
- Urgent pressure to click, pay, or share codes immediately.
- A link or sender that does not match the official organization.
- Requests for card data, passwords, OTPs, wallet signatures, or bank transfers.
What to do
- 1Tells: 1) you were sent a TestFlight code by your 'romantic partner' or LinkedIn 'investor'; 2) app icon is generic; 3) developer name is unknown LLC; 4) deposits go to a wallet address (not an exchange's omnibus); 5) withdrawal demands 'tax', 'liquidity fee', 'verification deposit'.
Source
FAQ
Is TestFlight / mobileprovision abuse — fake crypto trading app outside App Store review a real scam pattern?
Yes. Treat the message, call, or payment request as suspicious until you verify it through an official channel.
What are the first warning signs?
Urgent pressure to click, pay, or share codes immediately.; A link or sender that does not match the official organization.; Requests for card data, passwords, OTPs, wallet signatures, or bank transfers.
What should I do first?
Tells: 1) you were sent a TestFlight code by your 'romantic partner' or LinkedIn 'investor'; 2) app icon is generic; 3) developer name is unknown LLC; 4) deposits go to a wallet address (not an exchange's omnibus); 5) withdrawal demands 'tax', 'liquidity fee', 'verification deposit'.
Can LegalAudit check my case?
Yes. Start a free chat and paste the message, link, sender, or payment details for triage.