Google has filed a lawsuit against two app developers for engaging in an “international online consumer investment fraud scheme” that tricked users into downloading fake Android apps from the Google Play Store and other sources and stealing their funds with the pretext of promising higher returns.
The individuals in question are Yunfeng Sun (aka Alphonse Sun) and Hongnam Cheung (aka Zhang Hongnim or Stanford Fischer), who are believed to be based in Shenzhen and Hong Kong respectively.
The defendants are said to have uploaded around 87 crypto apps to the Play Store to carry out the social engineering scam since at least 2019, with over 100,000 users downloading them leading to significant financial losses.
“The earnings earned from the apps were illusory,” the tech giant said in its complaint. “And the plan didn’t end there.”
“Instead, as individual victims attempted to withdraw their balances, the defendants and their accomplices doubled down on the scheme by demanding various fees and other payments to the victims that were purportedly necessary for the victims to recoup their major investments and purported earnings.”
While this type of scam is generally referred to as pig slaughter (also known as shā zhū pán), Google said it “does not adopt or support the use of this term.” It stems from the idea that victims are fattened like pigs with the promise of lucrative earnings before “slaughtering” them for their assets.
In September 2023, the US Financial Crimes Enforcement Network (FinCEN) said that these scams are perpetrated by criminal enterprises based in Southeast Asia that employ hundreds of thousands of people who are trafficked into the region by promising them high-paying jobs.
The fraudulent scheme involves scammers using elaborate fictitious personas to target unsuspecting individuals via social media or dating platforms, enticing them with the prospect of a romantic relationship to build trust and convince them to invest in cryptocurrency wallets that claim to offer high profits in a short time. time frame with the aim of stealing their funds.
To create an appearance of legitimacy, financially motivated actors have been known to fabricate websites and mobile apps to showcase a phony investment portfolio with large returns.
Sun and Cheung, Google said, lured victim investors into downloading their fraudulent apps via text messages using Google Voice to target victims in the United States and Canada. Other distribution methods include affiliate marketing campaigns that offer commissions for “signing up additional users” and YouTube videos that promote fake investment platforms.
The company described the malicious activity as persistent and ongoing, with the defendants “using various network infrastructures and computer accounts to obfuscate their identities and, in the process, making false statements to Google.”
It also charged them with violating the Racketeer Influenced and Corrupt Organizations Act (RICO), committing wire fraud, and violating the Google Play App Signing Terms of Service, Developer Program Policies, Guidelines YouTube community guide, as well as the Google Voice Acceptable Use Policy. .
“Google Play can continue to be an app distribution platform that users want to use only if they feel confident in the integrity of the apps,” Google added. “By using Google Play to conduct their fraud scheme, the defendants threatened the integrity of Google Play and the user experience.”
It’s worth noting that the problem isn’t limited to just the Android ecosystem, as previous reports show that such fake apps have repeatedly made their way to the Apple App Store as well.
The development is the latest in a series of legal actions Google has taken to prevent misuse of its products. In November 2023, the company sued several individuals in India and Vietnam for deploying fake versions of its Bard AI chatbot (now renamed Gemini) to propagate malware via Facebook.