Android crypto mining scam hits 93,000 victims


Security researchers have discovered a plethora of fake Android apps that pretend to offer cloud-based cryptocurrency mining in exchange for a fee.

Around 170 Android apps, including 25 on Google Play, have been identified as fraudulent, with each offering cryptocurrency mining services to users as a way of generating tokens without any mining actually taking place.

“The apps’ entire raison d'être is to steal money from users through legitimate payment processes, but never deliver the promised service,” said researchers at Lookout Security, in a post detailing the scam.

In total, criminals are thought to have taken $350,000 from approximately 93,000 users, either through initial payments or through additional fake upgrades and services.

Researchers classified these apps into two distinct families: BitScam and CloudScam. While there are some distinctions between the two families, both have a similar business model, indicating that many cyber criminals have set up competing businesses to target users in the same manner.

While mobile malware typically tries to extract data or send premium-rate messages, these apps have flown under the radar because they don’t do anything inherently malicious to the device itself. Instead, they act as shells to collect money for services that don’t exist.

Victims are led to believe that the apps grant them access to a cloud-based cryptocurrency mining pool, where individuals can contribute varying amounts of computing power from their devices in exchange for cryptocurrency.




While the apps appeared to represent different mining operations, all of the apps analyzed shared very similar code and design, according to the researchers.

“Both CloudScam and BitScam also offer subscriptions and services related to crypto mining that users can pay for via the Google Play in-app billing system,” the researchers said. “What makes BitScam different is that its apps also accept Bitcoin and Ethereum as payment options.”

While Google Play has since removed the apps from its store, many others are still available on third-party app stores around the world.

Researchers recommended that users investigate the developers behind any such apps to make sure they are legitimate, and only install apps from an official app store.

Rene Millman
