A Cautionary Tale: ‘Rewards’ App Busted for Mining Customer Data

Advertising Disclosure: When you buy something by clicking links on our site, we may earn a small commission, but it never affects the products or services we recommend.

Image Not Available

An Ohio-based smartphone app developer has settled charges that it hijacked consumers’ phones with a “rewards” app that was actually designed to reward the developer, not the consumer.

According to a complaint filed by the Federal Trade Commission and the state of New Jersey, the “Prized” app downloaded malware that mined for cryptocurrency, leaving consumers with sapped phone batteries and depleted data plans. The settlement bars the app developer from creating and distributing malicious software.

“Hijacking consumers’ mobile devices with malware to mine virtual currency isn’t just deplorable; it’s also illegal,” said Jessica Rich, director of the FTC’s Bureau of Consumer Protection, in a statement. “These scammers are now prohibited from trying such a scheme again.”

Thousands of consumers downloaded the Prized app, which was available through the Google Play Store, Amazon App Store, and elsewhere, thinking that they could earn points for playing games or downloading affiliated apps, the FTC explained. The points were supposed to be good for rewards like clothes, gift cards and other items.

“Consumers were promised that the downloaded app would be free from malicious software – malware – or viruses,” the FTC said.

Instead, the Prized app contained malware that used the phones’ computing resources to “mine” for virtual currencies, including DogeCoin, LiteCoin and QuarkCoin.

“Consumers downloaded this app thinking that at the very worst it would not be as useful or entertaining as advertised,” said Acting New Jersey Attorney General John J. Hoffman. “Instead, the app allegedly turned out to be a Trojan horse for intrusive, invasive malware that was potentially damaging to expensive smartphones and other mobile devices.”

In addition to the ban on creating and distributing malicious software, the settlement also requires that the app developer pay a $50,000 monetary judgment to the state of New Jersey, “of which $44,800 is suspended upon payment of $5,200 and compliance with the injunctive provisions of the stipulated order,” the FTC said.

The app developer is also required to destroy any consumer information that was collected through marketing and distribution of the app.

What precautions do you take before downloading an app? Share your comments below or on our Facebook page.

Get smarter with your money!

Want the best money-news and tips to help you make more and spend less? Then sign up for the free Money Talks Newsletter to receive daily updates of personal finance news and advice, delivered straight to your inbox. Sign up for our free newsletter today.