andoid

Android Apps: Pretending to Mine Unmineable Crypto

Android Apps: Pretending to Mine Unmineable Crypto

Scammers are creating fake Android cryptocurrency mining apps and promoting them on the Google Store. The kicker is that these apps claim to mine cryptocurrency that can’t even be mined in the first place.


Fortinet discovered these apps on the Google Play Store when they saw that the apps were being promoted as miners for Ripple (XRP), Cardano (ADA), and Tether. As these are cryptocurrencies that are not possible to mine, the apps only pretend to mine and instead display advertisements

For instance, in the Ripple miner shown below, users can click on the Start button and supposedly mine for the Ripple cryptocurrency. While running, it will even show hash speeds and the slow increase of mined coins.

In reality, however, the code for the app shows that the fake mining hash rates are completely random and are not actually mining anything.

Furthermore when users try to withdraw their supposedly mined coins, the app is coded to automatically display an error stating “Error! Check your wallet address”.

crypto
Code that gives an error on withdrawal

As these apps are not actually mining anything, you may be wondering why they were even created.

According to Fortinet, the answer is to display ads. By enticing you to earn money by mining cryptocurrency, they are hoping that you will keep the application open so that it can display advertisements and generate revenue.

crypto
Code to display an interstitial ad

Ultimately, scam apps are created to do one thing; to make money for the developer.

Unfortunately, with the lackluster quality control in the Google Play Store, we are constantly seeing reports of Android apps performing malicious activities such as performing hidden mining, stealing banking credentials, and spying on user’s activities.

ESET discovered similar apps in the past

These types of apps are not new. In the past, ESET researcher Lukas Stefanko had reported about finding apps that performed similar adware behavior, performed cryptojacking, or tried to steal coins from user’s wallets.

When we asked Lukas Stefanko if he felt that these types of malicious or scam mining apps are increasing, he stated that he felt they follow the ebbs and flows of the cryptocurrency market.  When the prices of cryptocurrency are increasing, so are the amount of scam apps that try to capitalize on the increased hype.

“These fake apps are not as popular as in the end of 2017 or January 2018 – based on what I see they copy trend of Bitcoin price,” Lukas Stefanko told us. “If it is more profitable for the attacker then they create more apps – because actual price hype and people want to quickly “get in”.”

With this said, be sure to do your research and read the reviews of any mining apps you install on Android.

CBNN

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.