ANDROID CRYPTO MINING SCAMS – THE NEW MENACE FACING BITCOIN MINERS

1
ANDROID CRYPTO MINING SCAMS THE NEW MENACE
FACING BITCOIN MINERS
Once the exclusive realm of a visionary verge
movement, cryptocurrencies have lately become
appealing to conservative retail investors.
Throughout the COVID-19 pandemic, the estimation
of cryptocurrencies sky-rocketed, reaching a
market capitalisation of 2 trillion.
Cybercriminals are always searching for the
proverbial chink in crypto securitys armour to
make money. Cryptocurrencies are now in their
crosshairs. Android crypto mining scams are the
new plague. Security researchers at a prominent
lab have identified 170 Android apps, including
25 on Google Play, scamming cryptocurrency
zealots. Many of them are available globally.
These apps trumpet their providing cloud
cryptocurrency mining services for a fee. But,
post analysis, you find that no cloud crypto
mining takes place in reality. To shield Android
users, Google swiftly shrugged off these apps
from Google Play.
2
The apps entire cause is to steal money from
users via allowable payment processes but never
yield up the promised service. As per one
analysis, they swindled 93,000 people and
pilfered a minimum of 350,000 between users
paying for apps and purchasing ancillary fake
upgrades and services. The lab mentioned above
has categorised these apps into two disparate
families with the monikers BitScam and
CloudScam. Despite the technical differences
between these two families, all of the apps
employ a similar business model, implying that
multiple criminal actors set up rival
businesses, targeting users in the same
manner. Most malware executes code that performs
some malicious activity. This malignant activity
could be (to cite just one instance) for
exfiltrating private information to a
command-and-control server, as also displaying
advertisements outside of the apps context or
sending premium text messages. What facilitated
BitScam and CloudScam apps flying under the radar
is that they dont do anything factually
malicious. Truth to tell, they hardly do anything
at all. They are nebulous skeletons meant to
collect money for non-existent services. Crypto
mining evolution facilitates scamming Cryptocurren
cy mining (AKA crypto mining) deploys
computers processing power to solve abstruse
mathematical problems. The latter subsequently
verify cryptocurrency transactions. The miners
are then rewarded with a small amount of
cryptocurrency. A common mining strategy is
called mining pools, wherein individuals can
chip in computing power so as to get
cryptocurrency in return that is commensurate
with what they contributed. Cloud mining is the
expansion of mining pools, just like cloud
computing is the progression of on-premises data
centre computing. However, instead of users
purchasing hardware and paying big electricity
bills to contribute to a pool, cloud miners
lease cloud computing power. Cloud mining
introduces both helpful ease and cybersecurity
risks. Because of the clarity and dexterity of
cloud computing, it is quick and easy to set up
an authentic-looking crypto-mining service that
is really a scam. Unfortunately, cybercriminals
have set up schemes in a similar vein to steal
from desktop users, too. BitScam CloudScam
scammy modus operandi While responsible cloud
mining operations could use a mobile app as its
dashboard, the app would possibly have
high-quality code and adhere to safeguard coding
practices. However, careful app analysis exposes
a disturbing design. Despite seemingly standing
for diverse mining operations,
3
all of the apps examined partook of very similar
code and design. BitScam apps may be created
using a framework that doesnt need programming
experience to show how green these apps are. The
majority of BitScam and CloudScam apps are paid.
This means the threat actors snitch the money
from those app sales. Both CloudScam and BitScam
also offer subscriptions and services pertaining
to crypto mining that users can pay for through
the Google Play in-app billing system. What makes
BitScam distinctive is that its apps also accept
Bitcoin and Ethereum as payment
options. Fictitious earning activities Post
successful logging in, a user is greeted with an
activity dashboard that fronts the available
hash mining rate as well as how many coins they
have earned. The hash rate exhibited is
generally very low so as to inveigle the user
into buying upgrades that promise faster mining
rates. This is how both BitScam and CloudScam
make more money by selling in-app upgrades,
additional subscriptions and services. If cloud
mining was factually taking place in either
BitScam or CloudScam, we would hope for the coin
amount displayed to be stored in a fail-safe
cloud database and queried through an API. After
analysing the code and network traffic, the lab
found that the apps display a fanciful coin
balance rather than the number of coins mined.
The value displayed is simply a counter slowly
augmented in the app. In some of the apps
analysed, it was observed only while the app is
running in the foreground. When the mobile device
is rebooted or the app restarted, the app is
often reset to zero. Continue Reading