Oliver Mitchell

Fake Cryptomining Apps Attack Android Users

Have you heard of the criminal duo of BitScam and CloudScam? Let me show you the group of apps that have been emptying users’ pockets for a while, scamming them into an imaginary cloud mining network. The wildest thing about these apps is that some of them made it to Google Play.

The world’s crypto craze has never really gone out, but in 2021, it burned again hotter than ever, with Bitcoin and other crypto rising to the moon. No wonder many users not versed in mining decided that it would be a good investment. But how does one do it with a smartphone? The answer seems plausible: cloud mining, when the remote data center does the work, and the user’s phone is effectively a wallet.

So plausible, in fact, that about 93,000 users believed these reasons and installed cryptomining apps. Some of them were only available on third-party sources, while others surprisingly easily appeared on Google Play, easy to find and install. So, the users paid a monthly fee for the non-existent services and got fake notifications on the phone. The fraudsters, in the meantime, got quite an amount of real money. But, as the apps did not cause any harm to users’ devices or try to steal their data, they were not recognized as fraudulent until recently.

The number of malicious apps from both families, BitScam and CloudScam, is 172. The networks were discovered by Lookout, a company specializing in cloud security solutions. Now all these apps are removed from Google Play. It’s not known yet how many users installed these apps out of pure curiosity and how many of them actually paid their money. But the overall amount of money they paid exceeds $350,000. Not bad for non-existent services, isn’t it? Still, if you take it as a reminder that earning money always requires some competence along with investments, you may truly benefit from this story.