Illicit cryptomining campaigns are growing stronger as cybercriminals continue to evolve their attack techniques and malware. One of the main reasons for the rise is rapidly increasing cryptocurrency rates.

Furthermore, the introduction of new digital currencies and the official trading of cryptocurrencies have raised questions about the new threats posed by cryptomining abuse and cryptocurrency scams. According to Akamai’s recent report, fake crypto exchange phishing URLs witnessed a surge of over 500% between March 2020 and May 2021. These phishing URLs were part of scams that ultimately enabled attackers to secretly pilfer money. However, it looks like threat actors are shifting focus from URLs to malicious apps to trick users and earn more profits.

The Story of BitScam and CloudScam apps

  • Security researchers at the Lookout Threat Lab recently identified over 170 Android apps that scammed people interested in cryptocurrencies.
  • Based on the functionalities discovered by researchers, these apps were categorized as BitScam and CloudScam. These apps promised to help victims with cloud mining without the need for additional goods or services.
  • Both versions offered cryptomining subscriptions and services that users could enable by paying through the Google Play in-app billing system.
  • The only thing that differentiated BitScam from CloudScam was the addition of Bitcoin and Ethereum as payment options.
  • However, little did the victims know that threat actors were using them as a channel to fly under the radar.
  • The threat actors swindled at least $350,000 in cryptocurrency funds.

The other concerning factor

  • The FBI issued a warning about ongoing attacks that target cryptocurrency owners and third-party platforms.
  • The advisory reveals that attackers are using several tactics to take control of the targets’ cryptocurrency exchange accounts and steal digital currency.
  • Impersonating payment platforms and leveraging SIM swap attacks are some of the tactics used by threat actors to launch the attacks.

A wider aspect

As cryptocurrency becomes more significant, it will be no surprise to see its usage in more and more attack vectors such as DDoS extortions and ransomware attacks. Given the potential impact of crypto-associated attacks on both consumers and businesses, it is highly recommended to have proactive security monitoring and controls in place.

Cyware Publisher