Bitcoin miners beware of Android cryptocurrency scams, report says

Security researchers have recognized over 170 Android apps scamming cryptocurrency miners.

The apps have been designed solely to steal cash from individuals who mine cryptocurrencies, stated safety researchers at Lookout Threat Lab, a cloud safety firm. 

The apps scammed greater than 93,000 individuals and stole at the very least $350,000 between customers paying for apps and shopping for extra pretend upgrades and companies, the researchers stated, who labeled apps into two households that they dubbed “BitScam” and “CloudRip-off.”

Security researchers have recognized over 170 Android apps scamming cryptocurrency miners. (iStock)

“What enabled [these apps] to fly below the radar is that they don’t do something really malicious. In reality, they hardly do something in any respect. They are merely shells to gather cash for companies that don’t exist,” the researchers stated in a report.

And the evolution of crypto mining makes scamming simpler.

Cryptocurrency mining faucets pc processing energy to unravel complicated mathematical issues that confirm cryptocurrency transactions. Miners are then usually rewarded with a small quantity of cryptocurrency.


Broadly, there are two mining methods. One is mining swimming pools, the place people can contribute computing energy so as to get cryptocurrency. Cloud mining is the evolution of mining swimming pools. In this case, cloud miners hire cloud computing energy – much like cloud computing.

“Cloud mining introduces each comfort and cybersecurity dangers. Because of the simplicity and agility of cloud computing, it’s fast and straightforward to arrange a realistic-looking crypto mining service that is known as a rip-off,” the researchers stated.

How the scams function

The majority of fraudulent apps have been paid, permitting the scammers to pocket the cash from app gross sales. The apps additionally supplied subscriptions and companies that customers may pay for by way of the Google Play in-app billing system.

After logging in, a person would see an exercise dashboard that shows the accessible hash mining price – the quantity of computing energy being contributed to the community by mining – in addition to what number of cash they’ve “earned.” The hash price would usually be very low so as to get customers to purchase upgrades that promise quicker mining charges.

“After analyzing the code and community site visitors, we found the apps show a fictitious coin stability and never the quantity of cash mined. The worth displayed is solely a counter slowly incremented within the app,” the researchers stated.

In the BitScam-style rip-off, customers are given the choice to purchase “digital {hardware}” to extend the speed of mining. The value of digital {hardware} ranges from $12.99 – $259.99 and will be bought both by Google Play or by way of Bitcoin and/or Ethereum.


Apps have been additionally designed in order that customers weren’t “allowed” to withdraw any cash till they reached a minimal stability. And even when a minimal stability was reached, customers weren’t capable of withdraw cash, the researchers stated.

“The app would show a message telling the person that the withdrawal transaction is pending, however behind the scenes, it merely resets the person’s coin stability quantity to zero with out transferring any cash to the person.”

While the apps have now been faraway from Google Play, there are dozens extra nonetheless being circulated in third-party app shops, the researchers stated.

“The scammers operating this scheme have been capable of faucet into the prevailing frenzy created by the recent cryptocurrency market,” in response to the report.

Recommended For You

About the Author: Daniel