CIO Influence
CIO Influence News Cloud Security

Lookout Discovers Crypto Mining Scams Targeting Tens of Thousands of Victims Using Hundreds of Android Apps

Lookout Discovers Crypto Mining Scams Targeting Tens of Thousands of Victims Using Hundreds of Android Apps

Lookout, Inc., an integrated endpoint-to-cloud security company, announced the discovery of major crypto mining scams using hundreds of Android apps. Categorized into two distinct Android app families, BitScam and CloudScam, these apps were designed to target people interested in cryptocurrencies. In total, security researchers at the Lookout Threat Lab identified more than 170 apps that are estimated to have scammed more than 93,000 victims. The majority of these apps are side loaded based on the fact that only 25 were available for download on Google Play. Lookout has been in close contact with Google and the apps on Play have been removed.

Recommended ITech News: Andes Technology Announces Over 2 Billion Shipments Of Andes-Embedded SoCs In 2020

The BitScam and CloudScam apps advertise themselves as providing cloud cryptocurrency mining services for a fee. After analyzing the apps, Lookout researchers found that no cloud crypto mining actually takes place. The scammers pocket the money spent on apps and upgrades without ever delivering the promised services. Lookout estimated that the apps stole more than $350,000 from their victims.

“These apps were able to fly under the radar because they don’t actually do anything malicious,” said Ioannis Gasparis, a mobile application security researcher at Lookout. “They are simply shells set up to attract users caught up in the cryptocurrency craze and collect money for services that don’t exist. Purchasing goods or services online always requires a certain degree of trust — these scams prove that cryptocurrency is no exception.”

Recommended ITech News: Balluff Introduces Three Groups of Products for Position Sensing

BitScam and CloudScam apps both trick people into thinking they are paying for cloud crypto mining services. In addition to the apps themselves costing money, they promote additional services and upgrades that users can purchase within the apps, either by transferring cryptocurrencies to the developers’ wallets or through Google Play. These apps also display fake minimum account balances to entice users to spend more money on the services and upgrades.

While the BitScam and CloudScam cryptomining apps have now been removed from Google Play, there are dozens more available for download on third-party app stores.

Recommended ITech News: Sumo Logic Named a Visionary in the 2021 Gartner Magic Quadrant for Security Information and Event Management (SIEM)

Related posts

New Relic Rolls Out IAST with Industry’s First Proof-of-Exploit Reporting

Business Wire

Airbus Extends Partnership with Astrocast to Further Enhance Satellite IoT Technology

PR Newswire

Hyland named a Leader in Omdia report on DAM

CIO Influence News Desk

Leave a Comment