Numerous Scam Cryptomining Apps Discovered on Google Play Store

Thousands of Android users have lost millions of dollars as fake cryptomining apps flooded the Google Play Store. These include over a hundred applications – all claiming to provide cloud cryptomining services. But in reality, they all scammed people for money.

Fake Android Cryptomining Apps Spotted

Researchers from the cybersecurity firm Lookout have found numerous Android apps with claims to provide cloud cryptomining.

As elaborated in their report, they found more than 170 applications targeting Android users. Of these, at least 25 even existed on the Google Play Store, whereas, the rest resided on third-party app stores.

These apps specifically belonged to two main families, BitScam and CloudScam. Both the categories primarily consisted of paid applications, indicating that the threat actors made money from the apps’ sales. As the researchers noted,

Based on our analysis, they scammed more than 93,000 people and stole at least $350,000 between users paying for apps and buying additional fake upgrades and services.

Regarding how the apps worked, the researchers found them exhibiting no apparent malicious activity. That’s why they stayed under the radar for a long time.

However, analyzing the apps in detail revealed the underlying scam.

Briefly, these fake apps displayed a very low hash rate luring users into buying in-app upgrades. Besides, unlike the legit cryptomining apps that would display the coin amount after querying via an API and stored in a cloud database, these fake apps displayed fabricated balance instead of the actual number of coins mined – that too, would often reset after a device reboot.

The BitScam apps also prevented users from withdrawing money from the apps, by frequently resetting the balance, so that the user would never reach the withdrawal limit. These apps also urged the users to buy virtual hardware upgrades – another way to make money.

Google Removed The Apps, But Some Still Persist Elsewhere

Following the researchers’ report, Google removed these apps from the Play Store. However, dozens of such apps still exist on third-party app stores.

Therefore, users should use extreme caution while using such applications. The researchers advise users to verify the app developers, going through the terms and conditions of service, checking app reviews, monitoring the app permissions before and while using such apps.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients