170 Android cryptocurrency mining scam apps steal $350 000 from users

Over 170 mobile apps in the Android ecosystem have been identified as scam services designed to jump on the cryptocurrency bandwagon. 

Lookout researchers said this week that the apps, 25 of which were hosted on Google Play, are scamming people interested in cryptocurrencies by offering cloud-based mining services. 

In return for a fee, these mobile apps promise to perform cryptocurrency mining on behalf of subscribers. 

Cryptocurrency mining leverages computing power — either from a personal device or a rented system — to solve computational and cryptographic puzzles, and coins are received in return. 

However, the power required for many types of cryptocurrency is now more than a personal PC can manage, which means that individuals may join mining pools, sharing the work — and the proceeds. 

Lookout analyzed each cryptocurrency mining app that appeared on the firm’s radar and found that not a single one performed any kind of legitimate cloud-based cryptocurrency mining. In other words, users have been paying for a non-existent service. 

There are two main categories of fraudulent apps involved in these schemes, classified by the researchers as “BitScams” and “CloudScams.”

CloudScams offer mining options using cloud computing power, and it is common for developers to create realistic-looking mining services to appear legitimate. BitScams are mobile apps that offer users additional “virtual hardware” — for prices between $12.99 – $259.99 — that promise additional mining returns. 

Payments can either be made via Google Play or through Bitcoin (BTC) and Ethereum (ETH) direct transfers to the developers’ wallets.

screenshot-2021-07-08-at-08-51-50.png

Lookout

Both types use similar business models, but there are groups behind the apps that appear to be competing forces.

According to the company, over 93 000 people have been scammed in this way. An estimated $350 000, or more, has been lost with users paying for fake apps and upgrades, based on the average ‘subscription’ price the apps requested and installation rates.

“What enabled BitScam and CloudScam apps to fly under the radar is that they don’t do anything actually malicious,” the researchers say. “In fact, they hardly do anything at all. They are simply shells to collect money for services that don’t exist.”

Once Google was made aware of Lookout’s findings, offending apps hosted on Google Play were rapidly removed. However, the company has no means to wipe out Android apps hosted on third-party websites, and so users should remain cautious if applications promise returns that are too good to be true. 

Mục lục bài viết

Previous and related coverage

Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0