Android users are looking for ways to make a few extra bucks on their devices. Cryptocurrency mining apps often find their way into popular “Free” apps, where unsuspecting users download them without giving a second thought. Once installed, these apps mine for cryptocurrency that the user never even knew they had installed on their phone, draining their battery and draining their bank account.
More than two dozen Android users have collectively lost over $350,000 in virtual funds after downloading nearly 200 malware-infected apps that mine cryptocurrency for their creators. The crooks hacked into unsuspecting users’ phones and downloaded the malicious mining software, which floated on the Google Play store before users discovered the downloads and deleted them.
Security researchers from Lookout Threat Lab identified between 170 and 200 Android apps, 25 of which were hosted in the Google Play Store, that enticed more than 93,000 customers to pay about $350,000 (based on the average subscription price) in the name of mining cryptocurrencies.
These apps advertise themselves as cloud-based mining services for cryptocurrencies, where customers can sign up for a cloud-based mining service for a small subscription fee, but there is no mining service. They are clearly fraudulent. The lab classified these applications into two families: BitScam and CloudScam.
Usually, malicious applications embed code or flood the user with ads. But what got these apps into the Play Store is that they don’t do anything malicious at all. These are just money collecting shells called crypto mining.
News: Geekbench excludes the OnePlus 9 and 9 Pro after a benchmark mess.
In cryptocurrency mining, a computer solves cryptographic or mathematical problems in exchange for a small amount of cryptocurrency. However, the computing power required for these tasks is greater than that of an average computer.
This forces investors to pool their resources to create mining companies and share the revenue. It is clear that this approach is unacceptable to those who do not have the financial resources to invest in powerful equipment or to set up a farm.
This is where these fraudulent applications come into play. CloudScams offer cloud mining services to pay for a cloud mining computer, similar to virtual web hosting. BitScams are apps that promise additional virtual hardware for prices ranging from $12.99 to $259.99 and promise additional mining revenue.
BitScam application provides virtual hardware upgrade | Source: Research
These applications work together, with CloudScams providing a mining platform and BitScams providing additional acceleration hardware to trick the user. They can even show you a dashboard where you can see and track your current income.
By analyzing the code and network traffic, the researchers discovered that the apps were displaying dummy counter readings, which is essentially a slowly rising counter in the app to give the impression that you are mining crypto-currencies.
Applicationexhibits poor balance and a slowly rising counter. | Source: Research
Apps use legitimate payment gateways through Google Pay and can also accept payments by transferring BitCoin or Ethereum directly to developers’ wallets.
Google has since removed apps hosted on the Play Store, but has no control over apps hosted on third-party sites. Here are some things to consider when working with such applications.
- Check the reliability of the developer.
- Install applications from the official application store.
- Make sure you read the terms and conditions. Most fraudulent applications contain no information or are false.
- Read the opinions of others before starting the installation.
- Check the application’s permissions and actions.
These applications have managed to go unnoticed because they do nothing wrong. These are merely shells created to lure users who have been swept up in the madness of cryptocurrency and raise money for non-existent services. Buying goods or services online always requires a certain amount of trust. This scam proves that cryptocurrencies are no exception, says Ioannis Gasparis, mobile app security researcher at Lookout.
In the news: The investigators destroyed Starlink and gained access to the root terminal…
Someone who writes, edits, films, presents technology programs and races virtual machines in their spare time. You can contact Yadullah at [email protected] or follow him on Instagram or Twitter.
are crypto mining apps legitbest bitcoin mining app android 2021mobile mining apps 2021mobile mining apps 2021 iosbest bitcoin mining app android 2020best bitcoin mining app 2021,People also search for,Privacy settings,How Search works,are crypto mining apps legit,best bitcoin mining app android 2021,best free bitcoin mining app android 2021,mobile mining apps 2021,mobile mining apps 2021 ios,best bitcoin mining app android 2020,best bitcoin mining app 2021,mining apps for android