Cryptocurrencies don't all work the same way. Some are minable, some aren't. For example, Ripple (XRP), Cardano (ADA) and Tether (USDT) aren't minable.
Despite this fact, several applications pose as miners for those currencies on Android ;) Do not be fooled, they are all malicious, if not scams.
It's not the first time that researchers have spotted such miners on Android marketplaces: Lukas Stefanko already noticed some in February. However, the samples below are new and are believed to have been hiding under the radar since May 2018.
The app displays a (fake) miner as below.
But check the code: the mining speed is generated randomly.
The app has a menu, and one of the possible choices is "Withdraw" to presumably collect your mined currencies. At this point, you probably won't be surprised that this withdrawal will not succeed.
To the question "Are you want to Withdraw now?" (English as in code...), there are only two alternatives:
So, in all cases, you won't be able to withdraw.
As far as we know, the only business around those applications is for their author to display ads and collect revenue:
So, basically, the idea is to fool the end-user in downloading an adware.
Fortinet customers are protected from these scams, detected as Riskware/FakeMiner!Android.
-- the Crypto Girl
Fake miners of the same family:
Download our latest Fortinet Global Threat Landscape Report to find out more detail about recent threat landscape trends.
Sign up for our weekly FortiGuard Threat Brief.
Know your vulnerabilities – get the facts about your network security. A Fortinet Cyber Threat Assessment can help you better understand: Security and Threat Prevention, User Productivity, and Network Utilization and Performance.