In a world where there are more and more applications for cryptocurrencies on the Android operating system, you have to be very careful, especially with those that promise to make money. In this regard, a company dedicated to computer security has warned of 170 mobile applications for mining cryptocurrencies in the cloud, which could lead to scams using the BitScam and CloudScam methods.
#BREAKING: @LookoutThreats has identified nearly 200 #Android apps both on and off #GooglePlay that have scammed at more than 93,000 people with fake #cryptocurrency mining services. Check out this blog by Ioannis Gasparis to learn more. https://t.co/QSzCaBfzLc pic.twitter.com/1jxpWVw0hH
– Lookout (@Lookout) July 7, 2021
According to the report published by Lookout, a California-based company there are many applications that can be dangerous, although they present themselves as an alternative to mining cryptocurrencies in the cloud and making money from them. Lookout’s analysis, signed by security engineer Ioannis Gasparis, specifies that 930,000 people have been swindled by these Android applications. In addition, over $ 350,000 was stolen.
Experts who conducted the investigation said that 25 of the 170 apps identified as malicious could be found in the Google Play Store. This means that they were fully accessible to the public until they were removed from the online store, following a warning from these experts.
The methodologies used to attack the victims’ cryptocurrency accounts are twofold. The first is called BitScam and involves infiltrating malware into the mobile phone to breach user accounts in wallets and exchanges and thus steal their crypto assets. The second technique, CloudScam, goes a step further, since it can also compromise bank accounts and all kinds of data stored in the cloud.
Paid apps promising fake rewards in the Google Play Store
To attract victims, these applications guarantee payments in exchange for the “rental”By the user of processing power to mine cryptocurrencies. They then claim to distribute the rewards based on each participant’s contribution to the process.
However, these promises are never kept; on the contrary, developers take the opportunity to introduce malware that steals sensitive information from the user’s account. Also, these apps keep the money people pay to buy the app and then the upgrades and subscriptions that are offered to – in theory – get better performance. These purchases can amount to around $ 260, the statement said.
What makes these apps hard to detect, according to Lookout, is that in many cases they don’t do anything suspicious. In fact, many of them “only serve as a shield to collect money”In exchange for services that don’t actually materialize.
The mining of cryptocurrencies and the proliferation of scams
Cryptocurrency mining involves solving complex mathematical problems to validate transactions and issue new cryptocurrencies. One of the mining strategies are mining pools, in which multiple users contribute their processing power and receive rewards commensurate with it. Cloud mining is basically the same thing, but the difference is that instead of buying hardware for mining, that processing power is “rented”To a third party.
The downside of cloud mining applications is that they are more susceptible to scams. In this regard, the Lookout report notes that an unsophisticated and inexperienced code pattern has been detected in malicious applications. Additionally, the displayed cryptocurrency reward balances and processing power were fictitious. These apps don’t even allow you to withdraw the accumulated balance.
With the growing popularity of cryptocurrencies, many “novices”Enter the world of crypto-currencies and thus become easy targets for crooks. In this context, education and information are crucial, and there is a growing body of material devoted to the prevention of these crimes. For example there is even a documentary on Netflix that explains what Ponzi schemes are in the cryptocurrency industry, which can help, along with other sources, to avoid falling into these types of scams.