Fake Apps Stealing Info With Current Cryptocurrency Boom
In case you haven’t been paying attention, the Cryptocurrency markets have been booming in recent months. All of the major currencies have now pulled back from their all time highs, but BitCoin shattered several of its own records recently, as did Ethereum, which crested at a price of more than $3,300. Needless to say, this is causing a surge of interest in the ecosystem, and hundreds of thousands of new players are entering the market.
Unfortunately, this has created an irresistible opportunity for scammers. According to stats collected by Lookout, there are now nearly 200 different apps that bill themselves as cryptocurrency mining platforms, and note that most of these aren’t free apps; customers have to pay to install them.
The researchers at Lookout have identified two different families of apps, which they’ve dubbed “BitScam” and “CloudScam.” The BitScam family of apps claim to turn your mobile device itself into a mining platform, while apps in the CloudScam family claim to connect you to Cloud Mining services.
Of the two, BitScam is the larger, with more than 83k installs, but the smaller CloudScam is growing quickly, and currently has nearly 10k installations. None of the apps in either of the families actually have any cryptomining capabilities. In this case, the scammers are simply leveraging the surge in popularity of cryptocurrency in general and lining their pockets by charging for fake apps that don’t actually do anything.
That’s not completely true, though. The one thing they do is collect personal information from the people who install these apps, sending it back to the apps’ controllers, allowing them to profit in multiple ways.
An effort is underway to remove these apps from major app platforms like the Google Play Store, but as of now, there are still more than two dozen of them available there.
If you’re interested in Cryptocurrency, be very careful about what you install. At the moment, there are as many scammy apps out there as there are legitimate ones.