*Security researchers at the Lookout Threat Lab have discovered that more than 170 Android apps, including 26 hosted on the Google Play Store, are scamming people interested in cryptocurrencies

Isola Moses | 绿帽献妻

Following the reported race to cash in on the recent Bitcoin boom leading several consumers to take extreme measures, Apps with more than 93,000 installs claiming to be mining cryptocurrency do nothing after all, a report has said.

It was learnt when cryptocurrencies have an estimated market capitalisation of over $2 trillion, there is little surprise that cybercriminals are trying every trick in the book to eke out an advantage in the process.

Cryptocurrencies

绿帽献妻 reports some of the best Android apps available right on the Internet, according to Android Authority, include 1Weather, Google Drive, Waze and Google Maps, Google Search/ Assistant/ Feed, LastPass, Microsoft Swiftkey, Nova Launcher and Podcast Addict.

Ordinary consumers are equally trying to jump on the hype train of cryptocurrencies before it is too late to make money, CyberNews report stated.

However, report indicates that it is not everything as it seems in this strange world: Security researchers at the Lookout Threat Lab have discovered that over 170 Android apps, including 26 hosted on the Google Play Store, are scamming people interested in cryptocurrencies.

The apps in question advertise themselves as providing cloud cryptocurrency mining services for a fee.

But after analysing them, Lookout found that no cloud crypto mining actually takes place.

Lookout Threat Lab estimates that the apps they discovered have conned their users out of more than $350,000 through payment fees for faked crypto mining.

Ioannis Gasparis, a mobile application security researcher at Lookout, said: 鈥淭hese apps were able to fly under the radar because they don鈥檛 actually do anything malicious.

鈥淭hey are simply shells set up to attract users caught up in the cryptocurrency craze and collect money for services that don鈥檛 exist.鈥�

The expert stated that 鈥減urchasing goods or services online always requires a certain degree of trust 鈥� these scams prove that cryptocurrency is no exception.鈥�

It was learnt that the principle behind the apps, if they were to work as they are advertised, is sound.

Cloud mining is a legitimate way that some people try to mine cryptocurrency.

Rather than users鈥� buying specialised hardware and paying big electricity bills to contribute to a pool, cloud miners rent cloud computing power.

However, the issue with the cloud is that there is little hard evidence needed to prove that you鈥檙e actually doing what you say.

It is also noted that cloud mining services do not need to point to physical infrastructure to prove to the average user that the money they are spending on mining services is actually being deployed.

Cybercriminals have set up similar schemes to steal from desktop users, and Lookout Threat Lab uncovered a similar scam that uses the same principles but packages it in mobile apps.

Codebases indicate potential reskinning

According to the researchers, there is some rough evidence that the raft of crypto mining scam apps could well be co-ordinated by a single group, rather than 170 or more different cybercriminals arriving at the same idea for a scam at the same time.

Despite supposedly representing many different mining operations, all of the apps Lookout analysed shared a very similar codebase and design.

Most of the apps were created using a framework that doesn鈥檛 require programming experience.

But the user interface was carefully crafted to give off the impression of professionalism 鈥� and the lure of real-life returns.

It is explained that when a user logs into the scam apps, they see the available hash mining rate as well as how many coins they have 鈥渆arned鈥� to date.

The hash rate the apps show is usually low 鈥� an attempt to upsell users on upgrades that promise faster mining rates.

However, all the data shown is not tied to actual mining activity: 鈥淭he value displayed is simply a counter slowly incremented in the app.

鈥淚n some of the apps analysed, we observed this happening only while the app is running in the foreground and is often reset to zero when the mobile device is rebooted or the app restarted,鈥� said Lookout researchers.

Despite all this, there is evidence that a good number of people 鈥� nearly 100,000 鈥� have installed the apps in question and handed over money to try and improve their chances of 鈥渕ining鈥� crypto, report said.

Some apps offer in-app purchases that promise to unlock extra power at a cost of $259.99.

The lure of striking it rich often, experts stated, makes some of us fork out the cash before thinking about the ramifications; for those people, Lookout has some simple advice: 鈥淭ake your time, and if a deal is too good to be true, it probably isn鈥檛 real.鈥�

Kindly Share This Story