“Upon analysis, we discovered that these malicious apps only trick victims into watching ads, paying for subscription services that have an average monthly fee of $15, and paying for increased mining capabilities without getting anything in return,” wrote Cifer Fang, Mobile Threat Analyst at Trend Micro.
We’re looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won’t take more than 60 seconds of your time, and we’d hugely appreciate if you’d share your experiences with us.
According to Fang, all of the eight flagged apps were found to be infected with either the AndroidOS_FakeMinerPay or the AndroidOS_FakeMinerAd malware.
This isn’t the first time researchers have found fraudulent apps in the Play Store that hope to cash in on the cryptocurrency craze.
Just last month, the Lookout Threat Lab identified about 170 such apps, over two dozen of which were listed on the Play Store, and managed to fool thousands of users into paying for non-existent cloud mining operations.
As before, Google acted swiftly to remove the eight malicious apps highlighted by Trend Micro. However, this is just the tip of the iceberg.
“Based on Trend Micro Mobile App Reputation Service (MARS) data, more than 120 fake cryptocurrency mining apps are still available online. These apps, which do not have cryptocurrency mining capabilities and deceive users into watching in-app ads, have affected more than 4,500 users globally from July 2020 to July 2021,” reveals Fang.
Although some malicious apps are able to make their way onto the Play Store, to shield against threats, users are advised to download applications from official apps stores exclusively, and to research new services online to verify their legitimacy.