Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Lookout Threat Lab security researchers exposed more than 170 Android applications that deceived more than 93,000 users. Of these, 25 evaded Google Play Store detection and were successfully published there, mainly because they perform no malicious operations and may exist purely to fool users. The researchers pointed out that these counterfeit applications belong to the BitScam and CloudScam families respectively, and claim to provide cloud-based cryptocurrency mining services that aggregate the computing power of users' mobile devices and share the mining revenue. The apps are not free, and they present further pretexts for payment, such as subscriptions and upgrades. Prices range from 12.99 to 259.99 US dollars, and cryptocurrencies such as BTC or ETH are accepted as payment methods. Lookout Threat Lab estimates that these malware creators defrauded 300,000 U.S. dollars through illegal sales and 50,000 U.S. dollars in cryptocurrency through fake payments and upgrade services. Attack method (per SlowMist): Scam. Reported loss: $350,000.
- chain: —
- protocol: Android application
- bug_class: rug
- date_occurred: 2021-07-09
- loss_usd: $350,000
- source_id: sm:android-application::2021-07-09