Crypto Scammers Upload Fake Apps to Google Play, Sued by Google

This post is also available in: עברית (Hebrew)

Google has filed a lawsuit against a group of crypto scammers for defrauding over 100,000 people worldwide by uploading fraudulent investment and crypto exchange apps to Google Play.

General counsel at Google Halimah DeLaine Prado spoke to CNBC Crypto and said that this is “a unique opportunity for us to use our resources to actually combat bad actors who were running an extensive crypto scheme to defraud some of our users.” She also added that this lawsuit allows the company to not only use its resources to protect users, but to also serve as sort of a precedent to future bad actors that “we don’t tolerate this behavior.”

According to Interesting Engineering, the lawsuit claims the two alleged scammers (known as Alphonse Sun and Stanford Fischer) have been conducting these schemes at least since 2019. They allegedly lured victims to download their apps from Google Play using text message campaigns with Google Voice, online promotional videos on YouTube and other platforms, and affiliate marketing campaigns that paid user commissions for signing up people.

The scammers designed the apps to seem completely legitimate, showing users their maintained balances on the app and apparent returns being earned on their investments. Furthermore, in order to gain the trust of their victims, the criminals allowed users to initially withdraw small amounts of money, while others were told they needed to either pay a fee or have a minimum balance to withdraw their money.

One major scamming app highlighted in the lawsuit was the “crypto exchange” TionRT app, which was uploaded to Google Play in 2022 and was promoted using text messages and social media platforms. Victims who noticed they could not withdraw their money from the app eventually alerted Google. Google, in turn, has a dedicated cybersecurity team that is constantly looking across all of the company’s platforms and services to assist in such cases, and sometimes even partners with law enforcement.

Another issue with this kind of scam, as was highlighted by Google, is that these apps can easily come back in a different form once removed. Google claims it suffered damages of $75,000 and is seeking a permanent injunction against the alleged cybercriminals for general damages and to prevent them and their employees from creating Google accounts and accessing Google services.