Fortinet Discovers New Android Apps that Mine the Unminable - Security Boulevard

SBN Fortinet Discovers New Android Apps that Mine the Unminable

Cryptocurrencies don’t all work the same way. Some are minable, some aren’t. For example, Ripple (XRP), Cardano (ADA) and Tether (USDT) aren’t minable.

Despite this fact, several applications pose as miners for those currencies on Android 😉 Do not be fooled, they are all malicious, if not scams.

It’s not the first time that researchers have spotted such miners on Android marketplaces: Lukas Stefanko already noticed some in February. However, the samples below are new and are believed to have been hiding under the radar since May 2018.

The app displays a (fake) miner as below.

But check the code: the mining speed is generated randomly.

  • A new thread is created
  • The mining speed is absolutely fake. The digit before and after the comma are random.
  • The random numbers are displayed (setText)
  • There is no mining at all… (and for Ripple, it’s impossible by design anyway) 

The app has a menu, and one of the possible choices is “Withdraw” to presumably collect your mined currencies. At this point, you probably won’t be surprised that this withdrawal will not succeed.

To the question “Are you want to Withdraw now?” (English as in code…), there are only two alternatives:

  1. Yes. Then, the application complains your wallet address is incorrect. Too bad 😉
  2. No. Closes the window.

So, in all cases, you won’t be able to withdraw.

As far as we know, the only business around those applications is for their author to display ads and collect revenue:

So, basically, the idea is to fool the end-user in downloading an adware.

Fortinet customers are protected from these scams, detected as Riskware/FakeMiner!Android.

— the Crypto Girl


  • 9ccfc1c9de7934b6f1c958d73f8e0b969495fce171e48d642ec4c5bad3dc44cb
  • 8890366fc67c5a896d7494b3de3cf87debe0d0f96548cec9f81d072e3442716b
  • 4a67d5c5bf0e1dba3d215c15e95ce1bdbd2f9fca4e103a0e702161d6efc3aae6

Fake miners of the same family:

  • 0a25f286986149202eda1fdb336f80a6a035d0966a785573e676217151b7ccba
  • 7054160813fddd4a94e393eba4764cda356e631f229f69a062e5a34ec39e1cb4
  • 074c93f24e9de178a4af73e69d26c1da06a29be0c6a4b0f8893b27add7ce47fe
  • 7403ab326a6afdb07a5e717792bf9dfea09303f044f1fdadea86c6b3a81f5030
  • a2ecfd59b8fdec7eb5d5a139bae77815c25ed347e05d57de9847210acce5d4f6
  • c06815b3e2c10d5bbb4a7aa1a15bad00eb79d012e5bb5a1a37d24c68eda1818b 


Download our latest Fortinet Global Threat Landscape Report to find out more detail about recent threat landscape trends.

Sign up for our weekly FortiGuard Threat Brief.

*** This is a Security Bloggers Network syndicated blog from Fortinet All Blogs authored by Fortinet All Blogs. Read the original post at: