Cloud Cryptomining Swindle in Google Play Rakes in Cash
According to Lookout, at least 25 different apps available in the Google Play store have lured thousands of victims into downloading malicious applications that promise to help users gain cash through crypto mining. The Android apps are estimated to have scammed more than 93,400 victims to date, totaling roughly $350,000 in damages. Lookout states that the apps were categorized into BitScam and CloudScam versions. The malicious tools advertise themselves as providing cryptocurrency mining services for a fee, claiming to perform cloud mining for users rather than users buying hardware and paying electricity bills to contribute to a mining pool. These advertisements claimed that cloud minders could rent computing power instead.
According to Lookout, the apps were able to fly under the radar because there is no malicious activity within the apps themselves, therefore there are no risks to detect. The real scam, however, is charging the users a fee for the service, which is not provided. The shells target people interested in the cryptocurrency craze. The scammers also promote additional services and upgrades as in-app purchases, either through transferring Bitcoin or Ethereum cryptocurrencies directly to the developers’ wallets. Lookout uncovered 25 apps on the official Google Play store and 170 overall when looking at third-party app stores as well. The apps have since been removed from Google Play.