If your cryptocurrency-enthusiastic friends are looking a little more sheepish than usual, it may be because they have been scammed by fake Android apps that promise cloud-based mining services but offer none.
Mobile security firm Lookout revealed this morning (July 7) that it has discovered more than 170 Android apps (25 of them in Google Play) that "advertise cloud cryptocurrency mining services for a fee."
However, Lookout researcher Ioannis Gasparis noted in his company's report that "we found that cloud cryptocurrency mining is not actually taking place."
"According to our analysis, they scammed over 93,000 people and stole at least $350,000 while users paid for the app and purchased additional fake upgrades and services," Gasparis said.
These scams went largely undetected because they were not malicious. They do not steal data or install malware. Google's malware detector doesn't detect them, nor do the best Android antivirus apps.
"In fact, they did almost nothing," Gasparis wrote. They are merely a shell to collect money for a service that doesn't exist."
Lookout said the apps appear to fall into two different groups based on their code, indicating that multiple groups of scammers are profiting from the cryptocurrency boom.
The "BitScam" group of apps takes payments for subscriptions, services, and in-app upgrades in Bitcoin and Ethereum tokens (strictly in violation of Google Play's terms of service), while the "CloudScam" group takes regular They take payment by credit card. The upgrade also costs $250 for a "virtual hardware" package.
However, both apps blocked users from actually withdrawing the coins they "mined". When trying to withdraw cryptocurrency, they are told that they cannot withdraw because they do not have a sufficient balance.
All 25 of these scam apps on Google Play have been removed, according to Lookout, but they and about 150 other apps can still be found in the "offload" app store Lookout has a complete list of scam apps here
"The list is not exhaustive.
Needless to say, if you have any of these apps on your Android phone, go to Settings > Apps and Notifications and select them to uninstall them. If you paid for these apps, services, or subscriptions with a credit card, you can get the charges back from your card issuer.
However, if you paid using Bitcoin or Ethereum tokens, you probably will not get that money back.
Comments