Fake crypto mining apps took $350K from users before getting removed

by Protos Staff
More than 170 Android apps claiming to give would-be crypto miners the ability to harvest coins in the cloud have turned out to be nothing more than scams, according to a recent investigation by Android security specialists Lookout.

More than 170 Android apps claiming to give would-be crypto miners the ability to harvest coins in the cloud have turned out to be nothing more than scams, according to a recent investigation by Android security specialists Lookout.

The apps claimed to do away with some of the biggest problems associated with crypto mining — namely the amount of equipment needed and sky-high energy bills.

But it turns out the claims were too good to be true and instead they were “simply shells to collect money for services that don’t exist.”

Lookout calculates that the apps have fleeced more than 90,000 people out of an estimated $350,000.

Simple code for a simple scam

  • The apps were created with very simple code which didn’t require programming experience.
  • They looked legit, showing a balance of coins “mined” and a false hashrate.
  • Users were prevented from withdrawing their crypto with a minimum withdrawal amount or the apps would “crash” and set the balance back to zero.

“The scammers running this scheme were able to tap into the existing frenzy created by the hot cryptocurrency market. But no matter how high cryptocurrency valuations climb, there is no substitute for appropriate due diligence before purchasing a cryptocurrency mining app,” Lookout said. 

Bogus mining apps did nothing but steal money

Costs racked up as users paid for or subscribed to expensive upgrades which the apps claimed to improve mining rates — they even offered a referral scheme where you could earn 20% of your friends’ fake balance. 

Android users spent between $12.99 and $259.99 on the bogus upgrades, with some apps even accepting Bitcoin and Ethereum as payment.

[Read more: Kraken encourages employee anonymity to fight ransomware]

According to Lookout, other than taking money the apps didn’t actually do anything malicious — meaning for the most part they flew under the radar.

Even Google’s malware detection systems were tricked. In response to Lookout’s investigation, the search engine giant has removed the 25 fake apps on sale in its Play Store.

This is just one of many schemes cooked up by criminals capitalizing on investor interest in cryptocurrency. 

Just last month Protos reported on fake cold storage wallets being sent out to Ledger customers.

[H/T PC Mag]

Was this article interesting? Share it

Advertisement