Despite Crackdown, Fake Ethereum App Scams Google Play Users
A copycat Ethereum application on Google Play came under scrutiny earlier this week–scamming users under the pretext of selling them 1 ether, without selling any actual ether. Several users were tricked into buying the non-existent token, according to Hard Fork.
ETH Hopefuls Scammed
Currently trading at $285, ether trades on all popular cryptocurrency exchanges and is available on several crypto-wallets. However, the ambitious scam tricked users into buying absolutely nothing (or at the most, a small mobile icon of Ethereum) for $100 more than actual ether.
The malware was first brought to light by researcher Lucas Stefanko on Twitter, and as per Google Play results, over 100 people have been tricked, or vastly misled, into buying the fake tokens:
Buying Ethereum app is not the same as buying #Ethereum.
Scam app for €335 only displays ETH logo. pic.twitter.com/msBYiT7Gqq— Lukas Stefanko (@LukasStefanko) August 21, 2018
Interestingly, the application was offered by a fake company called “Google Commerce,” which signifies the attackers took elaborate steps to cover their tracks and get the fraudulent app listed.
CryptoSlate tried to search for the application on Google Play, but it appears to have been taken down after alarms were raised on several online communities.
Google’s Inefficient Crackdown
Meanwhile, Google continues to protect its users against malicious applications, including fake crypto-mining platforms and wallets, after a suite of such fakes appeared following the rise of the digital asset market.
In July 2018, Google announced it would ban all crypto-mining applications on its market platform in a bid to create a fraud-free environment for its users.
Despite the stern warning, crypto-observers found several applications, and even cryptocurrencies, listed on Google Play, generating substantial traction from unsuspecting users.
For example, JSECoin, a new payments-focussed cryptocurrency, made it to Google Play recently, regardless of Google’s internally-issued, 30-day window to all developers for complying with their regulations.
Perhaps the use of a savvy smart contract could help Google from mitigating such threats on their platform.