FROM: U.S. FEDERAL TRADE COMMISSION
App Developer Settles FTC and New Jersey Charges It Hijacked Consumers’ Phones to Mine Cryptocurrency
Defendants’ App Installed Malware that Left Phones With Drained Batteries, Depleted Data Plans
A smartphone app developer has agreed to settle charges by the Federal Trade Commission and the New Jersey Attorney General that it lured consumers into downloading its “rewards” app, saying it would be free of malware, when the app’s main purpose was actually to load the consumers’ mobile phones with malicious software to mine virtual currencies for the developer.
The Ohio-based defendants behind the app, called “Prized,” agreed to a settlement that will permanently ban them from creating and distributing malicious software.
“Hijacking consumers’ mobile devices with malware to mine virtual currency isn’t just deplorable; it’s also illegal,” said Jessica Rich, Director of the FTC’s Bureau of Consumer Protection. “These scammers are now prohibited from trying such a scheme again.”
The defendants, Equiliv Investments and Ryan Ramminger, began marketing the Prized app around February 2014, making it available in the Google Play Store, Amazon App Store and others. Thousands of consumers downloaded the app believing they could earn points for playing games or downloading affiliated apps and then spend those points on rewards such as clothes, gift cards and other items. Consumers were promised that the downloaded app would be free from malicious software – malware – or viruses, according to the complaint.
What consumers got instead, according to the complaint, was an app that contained malware that took control of the device’s computing resources to “mine” for virtual currencies like DogeCoin, LiteCoin and QuarkCoin.
Virtual currencies are created by solving complex mathematical equations, and the complaint alleges that the app attempted to harness the power of many users’ devices to solve the equations more quickly, thus generating virtual currency for the defendants. The use of that power caused the device’s battery to drain faster and recharge more slowly, and to burn through consumers’ monthly data plans.
“Consumers downloaded this app thinking that at the very worst it would not be as useful or entertaining as advertised,” said Acting New Jersey Attorney General John J. Hoffman. “Instead, the app allegedly turned out to be a Trojan horse for intrusive, invasive malware that was potentially damaging to expensive smartphones and other mobile devices.”
The complaint in the case alleges that the defendants violated both the FTC Act and the New Jersey Consumer Fraud Act. In addition to the ban on creating and distributing malicious software, the court order also requires the defendants to destroy all information about consumers that they collected through the marketing and distribution of the app.
The settlement also includes a $50,000 monetary judgment against the defendants payable to the state of New Jersey, of which $44,800 is suspended upon payment of $5,200 and compliance with the injunctive provisions of the stipulated order.
This case is part of the FTC’s ongoing work to protect consumers taking advantage of new and emerging financial technology, also known as FinTech. As technological advances expand the ways consumers can store, share, and spend money, the FTC is working to keep consumers protected while encouraging innovation for consumers’ benefit.
The Commission vote authorizing the staff to file the complaint and approving the proposed stipulated court order was 5-0. The FTC and state of New Jersey filed the complaint and order in the U.S. District Court for the District of New Jersey.