Sophos X-Ops has been tracking the evolution of pig butchering schemes for two years. The earliest iterations—dubbed “CryptoRom” scams—involved connecting with potential victims on dating apps and then convincing them to download fraudulent crypto trading applications from third-party sources. In 2022, the scammers continued to refine their operations, this time finding ways to bypass app store review processes to sneak their fraudulent apps into the legitimate App Store and Google Play Store