1 / 3

ANDROID CRYPTO MINING SCAMS

Once the exclusive realm of a visionary verge movement, cryptocurrencies have lately become appealing to conservative retail investors. Throughout the COVID-19 pandemic, the estimation of cryptocurrencies sky-rocketed, reaching a market capitalisation of $2 trillion . Cybercriminals are always searching for the proverbial chink in crypto securityu2019s armour to make money. Cryptocurrencies are now in their crosshairs. Android crypto mining scams are the new plague. <br><br>https://fastactionrefund.com/cryptocurrency-scams/android-crypto-mining-scams-the-new-menace-facing-bitcoin-miners/

32945
Download Presentation

ANDROID CRYPTO MINING SCAMS

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. ANDROID CRYPTO MINING SCAMS – THE NEW MENACE FACING BITCOIN MINERS Oncetheexclusiverealmofavisionaryvergemovement,cryptocurrencies have latelybecomeappealingtoconservativeretail investors.Throughoutthe COVID-19 pandemic, the estimationofcryptocurrencies sky-rocketed, reachingamarketcapitalisationof$2trillion+. Cybercriminalsarealways searchingfortheproverbialchinkincryptosecurity’sarmourtomakemoney. Cryptocurrenciesarenowintheircrosshairs.Androidcryptominingscamsare thenewplague. Securityresearchersataprominentlabhave identified170+Androidapps, including25onGooglePlay,scammingcryptocurrencyzealots.Manyofthem areavailableglobally.Theseappstrumpettheirprovidingcloud cryptocurrencyminingservicesforafee.But,postanalysis, youfindthat no cloud crypto miningtakes place inreality. ToshieldAndroidusers,GoogleswiftlyshruggedofftheseappsfromGoogle Play.

  2. The apps’entirecauseis tostealmoneyfromusers viaallowablepayment processesbutneveryieldupthepromisedservice.Asperoneanalysis,they swindled93,000+peopleandpilferedaminimumof$350,000betweenusers payingfor appsandpurchasingancillaryfakeupgradesandservices. Thelabmentionedabovehascategorisedtheseappsintotwo disparate familieswith the monikers– BitScam andCloudScam. Despitethetechnicaldifferencesbetweenthesetwofamilies,alloftheapps employasimilarbusinessmodel,implyingthatmultiplecriminalactorssetup rival businesses, targeting usersinthesame manner. Mostmalwareexecutescodethatperformssomemaliciousactivity.This malignantactivitycouldbe(tocitejustoneinstance)forexfiltratingprivate information toacommand-and-control server, asalsodisplaying advertisements outsideof the app’scontext orsendingpremiumtext messages. WhatfacilitatedBitScamandCloudScamappsflyingundertheradaristhat theydon’tdoanythingfactuallymalicious.Truthtotell,they hardlydoanything atall.Theyarenebulousskeletonsmeanttocollectmoneyfornon-existent services. Cryptominingevolutionfacilitatesscamming Cryptocurrencymining(AKA–cryptomining)deployscomputers’processing powertosolveabstrusemathematicalproblems.Thelattersubsequently verifycryptocurrencytransactions.Theminersarethenrewardedwithasmall amountofcryptocurrency.Acommonminingstrategyiscalledminingpools, whereinindividualscanchipincomputingpowersoastogetcryptocurrency in returnthat is commensurate withwhatthey contributed. Cloudminingistheexpansionofminingpools,justlikecloudcomputingisthe progressionofon-premisesdatacentrecomputing.However,insteadofusers purchasinghardwareandpayingbigelectricitybillstocontributetoapool, cloud miners leasecloud computing power. Cloudmining introducesbothhelpfulease andcybersecurityrisks.Becauseof the clarity anddexterity ofcloud computing,it isquick and easy tosetupan authentic-looking crypto-mining service that isreallyascam. Unfortunately, cybercriminalshavesetupschemesinasimilar vein tosteal fromdesktop users,too. BitScam&CloudScam–scammymodusoperandi Whileresponsiblecloudminingoperationscoulduseamobileappas its dashboard,theappwouldpossiblyhavehigh-qualitycode andadhereto safeguard codingpractices. However, carefulapp analysis exposes a disturbingdesign.Despiteseeminglystandingfordiverseminingoperations,

  3. all of the apps examined partookof verysimilarcode and design.BitScam apps maybecreatedusing aframework thatdoesn’t needprogramming experience toshowhow green these apps are. ThemajorityofBitScamandCloudScamappsarepaid.Thismeansthethreat actorssnitchthemoneyfromthoseappsales.BothCloudScamandBitScam alsooffersubscriptionsandservicespertainingtocryptominingthatuserscan payforthroughtheGooglePlayin-appbillingsystem.What makesBitScam distinctive is that itsapps also accept Bitcoinand Ethereumaspayment options. Fictitiousearningactivities Post successfulloggingin,auser is greetedwithanactivitydashboardthat fronts the availablehash miningrate aswellas howmany coinstheyhave “earned.”Thehashrateexhibitedisgenerallyverylowso as to inveiglethe userintobuyingupgradesthatpromisefasterminingrates.Thisishow bothBitScamandCloudScam makemore money– bysellingin-app upgrades, additionalsubscriptionsandservices. IfcloudminingwasfactuallytakingplaceineitherBitScamorCloudScam,we would hope for thecoin amount displayed tobestoredin afail-safe cloud database and queried throughanAPI.Afteranalysingthe code and network traffic,thelabfoundthattheappsdisplayafancifulcoinbalance ratherthan thenumber of coinsmined.Thevaluedisplayed is simplya counterslowly augmented in theapp.Insomeofthe apps analysed,itwasobservedonly while theappis running in theforeground.Whenthemobile device is rebooted or theapp restarted,theapp isoften resetto zero. ContinueReading………

More Related