Fake cryptocurrency mining apps Stole Money from
Over 170 Android apps were found to be scamming users who downloaded them. The apps purported to mine cryptocurrencies, but instead they stole money.
The crypto mining apps took money from by charging fees for mining services they never provided. It’s common to pool computing resources used in crypto mining as the process is processor and electricity intensive.
The majority of apps charged a fee for the initial download. they offered subscriptions that users could pay for via Google Play. Some apps also included fake upgrades, faster crypto mining rates, and options to net additional profits.
To snag more victims, an additional scheme offered 20% earning of any friends who are referred to the app.
Payment was accepted through legitimate payment gateways. Some of the apps also accepted Bitcoin and Ethereum as payment options.
“Because of the simplicity and agility of cloud computing, it is quick and easy to set up a realistic-looking crypto mining service that is really a scam, “ say cyber security researchers at Lookout Threat Lab.
Sophisticated Crypto Mining Scam App
Many of the apps had similar design and programming underneath it all. They even included a dashboard as well as a tally of how many coins the users had earned.
The apps themselves caused no harm to the device they are installed on. There is no malware or spyware. Users are of course unable to transfer any of their earned coins to a cryptocurrency wallet because no coins were ever mined.
Of the 170 scam apps, 25 of them were on Google’s official app store, Google Play.
Lookout calculated that the scammers earned $300,000 USD from app downloads and another $50,000 USD through non-existent upgrades.
Google has since remove the apps from Google Play.
How to Spot a Scam Mining App
People using antivirus apps on their phones and tablets are generally protected from malicious apps and their schemes.
- Read app reviews before downloading anything. Comments from other users often will give away that an app is either nonfunctional or an outright scam.
- Be sure to read the terms of service so you are not giving away personal information to the developer.
- Never give any app or software more permission than it needs to do its job. For example, a cryptocurrency mining app does not need to access all your contacts or photos to run. Requesting excessive permissions or access is a major indicator of fraud.
- Beware of apps that either crash often or slow down your phone. Read our guide if your phone is slow, chewing through battery life, or running hot. Learn to look for the telltale signs of a malicious app.
- Never download an app from inside another app or game.
- Always install apps from an official source like the Apple Store or Google Play. Yes, it’s true that some of these scam apps actually made it to Google Play, but they were discovered and removed. You’re far less likely to encounter a scam app when downloading from an app store or the producer’s official website.