Serviceteam IT Security News

Over 170 Scam Cryptomining Apps Charge for Non-Existent Services

Security researchers have discovered over 170 Android apps that have scammed tens of thousands of cryptocurrency enthusiasts into paying for non-existent services.

Lookout Threat Lab revealed that 25 of the fraudulent apps were even listed on the official Google Play marketplace.

It separated them into two groups, BitScam and CloudScam, although all use similar business models and the same coding and design.

Both families of scam apps promise the user access to cryptocurrency mining services, capitalizing on a recent spike in the valuation of digital currencies and widespread interest from consumers hoping to make a quick buck.

Those behind the apps are estimated to have made around $350,000 from their victims by charging for the initial app download and subsequent ‘virtual hardware’ or ‘subscription upgrades’ that claim to increase coin mining rates.

In reality, the apps offer nothing under the surface, according to Lookout application security researcher Ioannis Gasparis.

“After successfully logging in, a user is greeted with an activity dashboard that displays the available hash mining rate as well as how many coins they have ‘earned.’ The hash rate displayed is typically very low in order to lure the user into buying upgrades that promise faster mining rates,” he explained.

“After analyzing the code and network traffic, we also discovered the apps display a fictitious coin balance and not the number of coins mined.”

Users are not allowed to withdraw coins until their account balance has hit a minimum level, which is impossible as balances are frequently reset to zero.

“What enabled BitScam and CloudScam apps to fly under the radar is that they don’t do anything actually malicious,” said Gasparis. “In fact, they hardly do anything at all. They are simply shells to collect money for services that don’t exist.”

These apps have scammed around 96,000 victims. Although Google Play has removed the offending titles, dozens more remain on third-party app stores, Lookout warned.

Source: Infosecurity Magazine

With over 20 years of experience, Serviceteam IT design and deliver sophisticated connectivity, communication, continuity, and cloud services, for organisations that need to stay connected 24/7. We take the time to fully understand your current challenges, and provide a solution that gives you a clear understanding of what you are purchasing and the benefits it will bring you.

To find out how we can help you, call us on 0121 468 0101, use the Contact Us form, or why not drop in and visit us at 49 Frederick Road, Edgbaston, Birmingham, B15 1HN.

We’d love to hear from you!

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply