

Google Play Store stuffed with fake cryptomining apps


Cybersecurity researchers have once again helped Google evict malicious apps from the official Play Store that falsely advertised themselves as cryptomining services.

Security firm Trend Micro flagged eight such Android apps, which asked users to pay for cloud mining operations that didn’t exist.

“Upon analysis, we discovered that these malicious apps only trick victims into watching ads, paying for subscription services that have an average monthly fee of $15, and paying for increased mining capabilities without getting anything in return,” wrote Cifer Fang, Mobile Threat Analyst at Trend Micro.

According to Fang, all of the eight flagged apps were found to be infected with either the AndroidOS_FakeMinerPay or the AndroidOS_FakeMinerAd malware.

Uphill battle

This isn’t the first time researchers have found fraudulent apps in the Play Store that hope to cash in on the cryptocurrency craze.

Just last month, the Lookout Threat Lab identified about 170 such apps, over two dozen of which were listed on the Play Store, and managed to fool thousands of users into paying for non-existent cloud mining operations. 

As before, Google acted swiftly to remove the eight malicious apps highlighted by Trend Micro. However, this is just the tip of the iceberg.

“Based on Trend Micro Mobile App Reputation Service (MARS) data, more than 120 fake cryptocurrency mining apps are still available online. These apps, which do not have cryptocurrency mining capabilities and deceive users into watching in-app ads, have affected more than 4,500 users globally from July 2020 to July 2021,” reveals Fang.

Although some malicious apps do make their way onto the Play Store, users are advised to download applications exclusively from official app stores and to research new services online to verify their legitimacy.


19 Aug 2021



Other Blog

  • YouTube rolls out rings so you can tell when creators are livestreaming

    There is a huge amount of content on YouTube, and a growing proportion of it is accounted for by live streams. While it is often possible to catch up on a live stream after it has ended, this means missing out on the excitement and sense of community that stems from watching a live event at the same time as others.

    With this in mind, YouTube is making it easier to locate live streams. Borrowing an idea already used by both TikTok and Instagram, YouTube is making a tweak to avatars to make it clear when a channel is live streaming.

    The change means that when a channel is live streaming, a ring will be displayed around its avatar as a clear and obvious indicator. More than this, if you click on the avatar, you will be taken directly to the live stream rather than to the creator's profile.

    Ring, ring, ring

    YouTube's Chief Product Officer, Neal Mohan, shared news of the change in a tweet:


    Analysis: what about desktop users?

    There is no mention of desktop users at the moment, and it's unclear if the feature will migrate from mobile or not.

    So, will this make it easier to find live streams? The answer really depends on how you use YouTube. People who are keen followers of a channel will likely be aware of upcoming live streams, and will have created a reminder to ensure they don't miss out. For the casual browser looking for YouTube videos based in comedy, it is unlikely to make a great deal of difference.

    Some responses to Mohan's tweet also question the value of the change, but no new feature is ever going to delight everyone in equal measure.

    For anyone who is keen to seek out live broadcasts rather than pre-recorded videos, it does provide another quick and easy way to differentiate one from the other. It may not be a change that generates a massive level of excitement from YouTube users, but it is a nice touch that brings the service in line with other video platforms.

  • ProtonMail wins privacy ruling on email security

    Switzerland-based Proton AG, the company behind ProtonMail and ProtonVPN, has won an appeal against the Swiss Post and Telecommunications Surveillance Service (PTSS) over its status and obligations to monitor traffic.

    Proton, which hails itself as the world's largest secure email provider and uses end-to-end encryption, had challenged its status under the Swiss law governing telecommunications surveillance.

    Siding with Proton, the Swiss Federal Administrative Court confirmed that email service providers cannot be clubbed with telecommunications providers in Switzerland, and thus are not subject to the data retention requirements imposed on them.

    According to Reuters, the verdict followed a Swiss Supreme Court ruling in April, which observed that providers of chat, instant messaging, video conferencing, or Voice over IP (VoIP) services, such as WhatsApp, iMessage, Zoom, Teams, and Skype cannot be classified as telecom service providers, but rather "over-the-top" (OTT) service providers.

    Victory for privacy

    In September 2020, PTSS had decided that ProtonMail and ProtonVPN could no longer benefit from limited surveillance obligations. It asked Proton to store all the data necessary for surveillance and be available to answer its questions around the clock.

    Proton challenged PTSS, and the court has now overturned that ruling and sent the case back for a fresh decision.

    Proton founder and Chief Executive Andy Yen said Friday's ruling was an "important first step" in its campaign to advance privacy and freedom.

    "We expect there to be further attempts to force tech companies to undermine privacy in both Switzerland and abroad, and we are committed to continuing to challenge this through both our encryption technology and through the courts," he said.

    In a statement, Proton hailed both the current and the April rulings as a “victory for privacy.”  

  • Microsoft Exchange servers targeted with Cuba ransomware

    The UNC2596 ransomware group, also known as Cuba, is abusing vulnerabilities found in Microsoft Exchange to compromise corporate endpoints, harvest data, and ultimately, deploy the COLDDRAW malware.

    Cybersecurity experts from Mandiant picked up the ransomware group's trail, saying it mostly hunts down companies in the United States and Canada.

    The experts’ report states the group has been using ProxyShell and ProxyLogon vulnerabilities at least since August 2021 to plant various web shells, Remote Access Trojans (RAT), and backdoors, on compromised systems. 

    Among the backdoors used, CobaltStrike and NetSupport Manager seem to be the most popular choices, but the group often uses home-grown products, dubbed “Bughatch”, “Wedgecut”, “Burntcigar”, or “Eck”. Some of these are used as reconnaissance tools, others to terminate processes and escalate privileges.

    What sets UNC2596 apart from other ransomware groups is that it does not send exfiltrated data to cloud services. Instead, it uses private infrastructure.

    A growing ransomware actor

    The Cuba ransomware group was reportedly formed in late 2019, and after a relatively slow start, picked up its pace in 2020 and 2021. In May 2021, the group teamed up with Hancitor malware spammers, successfully phishing out passwords for corporate networks with malicious DocuSign files. 

    In late 2021, the FBI issued an advisory about the group, claiming it had breached 49 critical infrastructure organizations in the US (the Cuba leak website had fewer than 30 victims listed). Its operations earned it almost $44 million, the law enforcement agency added. However, it demanded $74 million.

    Despite the ransom demands, both unpaid and paid, being counted in double-digit millions, the group is relatively small, compared to some of the biggest players in the ransomware game. 

    Cybersecurity researchers from Emsisoft, for example, said last year there had been 105 Cuba ransomware submissions, while Conti has had more than 600.

    Via: BleepingComputer

  • This Outlook email update will give your calendar a splash of color

    Microsoft Outlook users will soon be able to liven up their work calendars with a bit of color thanks to a new update coming to the service.

    An upcoming upgrade will soon allow Outlook web users to customize the color of the events in their calendar app, letting them not only liven up the view, but also create better distinction and visibility into their working week.

    The official entry in the Microsoft 365 roadmap notes that users of the email service will be able to select custom colors for their calendar events using hexadecimal values, RGB values, or a color picker control.

    Outlook update

    The update is currently still in the development phase, but Microsoft has pegged it for a release in February 2022. It will only be available to web users to begin with, but may roll out elsewhere soon.

    The move brings Outlook up to speed with some of its biggest rivals, with Google Calendar already allowing users to set a number of different colors for events.

    Microsoft has revealed a number of useful updates for Outlook in the last few months as it looks to further assist those embracing the hybrid working lifestyle.

    This includes a tool that will help users eliminate mistakes from their messages with the launch of spelling and grammar checks for its Outlook on mobile platform.

    Another update will allow workers to set a notice showing where they are working, whether that be at home, in the office, or anywhere else.

    Google Calendar received a similar feature in August 2021, allowing users to highlight exactly where they would be working, with the options of home, office, or a specific other location.

    Users can also create a weekly working location routine if they plan on going into the office on certain days and working remotely on others, which can be updated at any time if plans change. There was no information as to whether Microsoft's Outlook update will do the same, but we're hopeful it will.
