Malware That Mines for Cryptocurrencies Emerges in Google Play Apps

Malware That Mines for Cryptocurrencies Emerges in Google Play AppsMalware that mines your computer for bitcoins and other digital currencies is a relatively new threat, and its now present in at least two apps available on Google Play.
A report from the security company Trend Micro reveals that two apps contain code to mine bitcoin,  as well as dogecoin and litecoin, the two popular altcoins. The apps combined have more than one million installs.
What does all of this mean to the unsuspecting victim?
“These apps have been downloaded by millions of users, which means that there may be many Android devices out there being used to mine cryptocurrency for cybercriminals,” says Trend Micro.
The apps in question are called Songs and Prized, and both are available from the Google Play Store. Songs has between one and five million downloads so far, while Prized has 10,000 to 50,000 downloads.
These apps can wreak some havoc on your mobile device, mostly likely a smartphone or tablet running Google’s Android OS.
“Based on our analysis, we have found that this malware is involved in the mining for various digital currencies, including Bitcoin, Litecoin, and Dogecoin,” Trend Micro said. “This has real consequences for users: shorter battery life, increased wear and tear, all of which could lead to a shorter device lifespan.”
The researchers originally found “ANDROIDOS_KAGECOIN” as repacked copies of popular apps such as Football Manager Handheld and TuneIn Radio.
The CPU mining code is based on the well-known cpuminer software.
Here is how it deploys, according to Trend Micro:
“The miner is started as a background service once it detects that the affected device is connected to the Internet. By default, it launches the CPU miner to connect to a dynamic domain, which then redirects to an anonymous Dogecoin mining pool.”
This is not the first time that mining malware has set out to infest consumer devices.
On New Year’s Eve, Yahoo’s European servers were piggybacked to spread mining malware to  thousands of PCs, but the attack appears to have been relatively unsuccessful.

Leave a Reply

Your email address will not be published. Required fields are marked *