Bitcoin and cryptocurrency values have been tanking consistently for a few weeks now, but there is an undeniable sense of intrigue around crypto coins. A lot of folks out there are genuinely assessing whether these can be a tool for investing some money now and hope the valuations rise soon enough. #BuyTheDip and #HODL are a few things you’d see trending quite regularly, if you take your investment advice from Twitter. But before you start handing out your cash in exchange for crypto coins and hope, you should take a long and hard look at the app you’d be using. Particularly if you are using an Android phone. Security researchers at the Lookout Threat Lab have pointed out as many as 170 Android apps, of which 25 found a home on the official Play Store, which are scamming people who want to make money off crypto mining.
The reason why these apps were able to evade any and all detection and checks in place for apps listed on the Play Store is because they didn’t seem to be doing anything that would trigger’s automated policy compliance checks. In fact, these apps were actually doing nothing at all. Google has since removed the apps listed on the Play Store, but this may just be the tip of the iceberg. Fake cryptocurrency apps like these were charging a fee from users in exchange for asking for computing power from your smartphone, to be able to mine crypto coins. The coins they claimed to be mining include Bitcoin and Ethereum. These apps charged between $12.99 to $259.99 and you would be required to pay either via Google Play’s saved payment mechanisms or even crypto coins including Bitcoin, directly to the developer’s crypto wallet. Yet, nothing happened after that.
While those who signed up for the crypto mining apps did see a whole host of transactions happening, they were all fake. These scamming apps also had a policy in place regarding minimum balance from mined coins before users could withdraw the earnings to their accounts. The security researchers say the Play Store user reviews for some of these dodgy apps indicate users still weren’t allowed to withdraw even if they met the predefined minimum threshold. There were even higher tier subscription plans asking users to shell out more money with promises of reducing this minimum balance requirement as well as better rewards. The Lookout Threat Lab believes that these apps available on the Google Play Store and indeed third party app stores have scammed more than 93,000 people and stole at least $350,000 with users paying subscription fees and buying upgrades in-app.
“While CloudScam and BitScam apps have now been removed from Google Play, there are dozens more still being circulated in third-party app stores. In total, the operators generated at least $350,000. They stole $300,000 from selling the fake apps and an additional $50,000 in cryptocurrencies from victims paying for fake upgrades and services,” say the researchers. They say that for anyone who is interested in signing up for a crypto mining app, it is important to know the developer before paying up, read other users’ reviews and also go through the terms and conditions. “Most of the scam apps either have fake information or don’t have any terms available,” they say. The researchers also say that if the app is asking for permissions on the phone that it really shouldn’t be asking for, that is a red flag. Also, if the app has the habit of resetting itself often or crashes and that causes a crypto balance reset, that is something you need to notice.