PayPal And Bitcoin Scamming Fake Android Apps Discovered On Google Play Store

A PayPal credential stealing fake Android app, masquerading as a service to generate money from watching in-app YouTube videos, has been discovered by cyber security researchers from ESET.

Boost Views on the Google Play store was found to have the Tojan.Android/FakeApp.FK malware and under the guise of providing users with real money in return for views on YouTube, scams users to part with their PayPal details.

Fake Android app Boost Views

Boost Views attracts in Android users by promising to gnerate erning for them if they watch YouTube videos within the app, at the same time they can also buy credits for real-money in exchange for YouTube views, thus building the apps deceptive nature.

Having generated $0.09 in 16 hours of automatic video playing and having seen no mention of a minimum payout threshold, we tried to withdraw the earned amount.

ESET’s researchers noted that there appeared to be no minimum payout threshold for the views, and so they attempted to withdraw the money they earned while investigating the app, where they discovered the crux of the scam.

“In order to withdraw money, PayPal credentials must first be entered into an insecure login form for “authentication”. Once victims enter their credentials, they are confronted with an “invalid login” error message and their PayPal credentials are sent unencrypted to developer’s server,” they said.

“With PayPal account compromised, the victims’ PayPal and/or credit card balance are open for misuse.”

While the researchers said that PayPal has so far not reported any suspicious activity on the account they have used to test Boot Views, it still offers little comfort for users who have had their PayPal details compromised.


The researchers also uncovered another trojan lurking in PaxVendor, a malicious Android app that goes after the Bitcoins of the users of legitimate Bitcoin trading marketplace Paxful.

Through the use of a bogus login screen, PaxVendor looks to harvest users’ Paxful login details while offering no real functionality in return by generating a error noting the users’ that it cannot access their Paxful account, while sending the login credentials to a server used by the scammer.

The researchers noted that someone signed into their account from the Ukraine shortly after they entered their Paxful credentials into PaxVendor.

The malicious app has been pulled by Google from the Play store, but the ESET researchers noted that 500 installs have been made before PaxVendor was shutdown.

Both examples of fake Android apps indicate the need for users to be extra vigilant for app scams pretending to offer a money-making service in return for very little, and indicate the continued rise of sophisticated scamming malware as vectors for cyber attacks.

What do you know about the mobile app revolution?Try our quiz!

Roland Moore-Colyer

As News Editor of Silicon UK, Roland keeps a keen eye on the daily tech news coverage for the site, while also focusing on stories around cyber security, public sector IT, innovation, AI, and gadgets.

Recent Posts

Microsoft Executive Indicates Departmental Hiring Slowdown

Amid concern at the state of the global economy, a senior Microsoft executive tells staff…

12 hours ago

Shareholders Sue Twitter, Elon Musk For Stock ‘Manipulation’

Disgruntled shareholders are now suing both Twitter and Elon Musk, over volatile share price swings…

13 hours ago

Google Faces Second UK Probe Over Ad Practices

UK's competition watchdog launches second investigation of Google's ad tech practices, and whether it may…

15 hours ago

Elon Musk Raises His Contribution To Twitter Acquisition

But one of Elon Musk's biggest backers on the Twitter board has tendered his resignation…

1 day ago

Broadcom Confirms VMware Acquisition For $61 Billion

Entry into cloud infrastructure software for US chip firm Broadcom after it confirms reports it…

1 day ago