Security News > 2021 > July > Cloud Cryptomining Swindle in Google Play Rakes in Cash
Bogus cryptomining apps for Android available for download on Google Play are estimated to have scammed more than 93,400 victims to date, researchers said, stealing at least $350,000.
In addition to offering the "Apps" themselves for a fee, the scammers also promote additional services and upgrades that users can purchase within the apps, either by transferring Bitcoin or Ethereum cryptocurrencies directly to the developers' wallets or via the Google Play in-app billing system.
There were 25 such apps found on the official Google Play store and 170 overall when third-party app stores are taken into account.
While the cryptomining apps have now been removed from Google Play, those dozens more still available for side-loading continue to lure people in, Gasparis noted.
He told Threatpost that he also found evidence in various channels like Medium, Telegram and Twitter promoting similar cryptomining scam apps, with many of them referencing the apps found on Google Play.
In some of the apps analyzed, the counter advanced only when the app was running in the foreground, and was reset to zero when the mobile device was rebooted or the app restarted.
News URL
https://threatpost.com/cloud-cryptomining-swindle-google-play/167581/
Related news
- Apps secretly turning devices into proxy network nodes removed from Google Play (source)
- Free VPN apps on Google Play turned Android phones into proxies (source)
- Google Cloud/Cloud Security Alliance Report: IT and Security Pros Are ‘Cautiously Optimistic’ About AI (source)
- Google Cloud Next 2024: New Data Center Chip and Chrome Enterprise Premium Join the Ecosystem (source)