Home / Apple / Google Play Store plagued by hidden cryptocurrency mining malware attacking Android phones

Google Play Store plagued by hidden cryptocurrency mining malware attacking Android phones

Mobile software found on Google’s Play Store, the official application marketplace, contains malware that could infect Android devices and clandestinely mine cryptocurrency.

Cybersecurity researchers from Trend Micro said Monday (30 October) that two malware strains – dubbed JsMiner and CpuMiner – were found in at least three applications. Software included a wallpaper provider, a religious prayer service and a wireless internet scanner.

It remains unclear how many downloads each app received, and experts are yet to determine how much money the criminals behind the scheme made.

While some details remain unknown, experts say it is unique for such malware to be targeting mobiles.

Cryptocurrency mining typically works by hijacking a device’s computing power in order to “mine” digital currency, in this case Monero.

On smartphones, devices hit with the mining malware will show clear signs that something is wrong – including reduced battery functionality and slower performance.

“These threats highlight how even mobile devices can be used for cryptocurrency mining activities, even if, in practice, the effort results in an insignificant amount of profit,” Trend Micro’s mobile threat response team wrote in its analysis.

“Users should take note of any performance degradation on their devices after installing an app,” it added. The malicious software has now been removed from the store by Google.

A lucrative business

“As cryptocurrencies have grown in popularity and value, cryptocurrency mining has turned into a lucrative business,” said Chris Olson, CEO of web monitoring firm The Media Trust.

He continued: “However, it’s also a resource-intensive business that drives the enslaving of hundreds or thousands of devices to access their computing power.

“This enslaving is typically accomplished by surreptitiously inserting code into popular services which, when accessed by a user, executes and downloads a file on the user device.

“Most users only notice when the device experiences unexpected behaviour, i.e., slow processing or activity when the device should be idle.”

Coinhive, a popular mining software, was recently found on The Pirate Bay. Yet it appears that cryptocurrency-focused malware is increasingly targeting smartphone users.

Last week, ESET, a Slovakian cybersecurity company, found two malicious applications on Google Play posing as a popular US cryptocurrency exchange called Poloniex. The malware, used to steal passwords and sensitive data, was reportedly downloaded thousands of times.

You can see Trend Micro’s full analysis report here.


Check Also

ChaiOS Bug Will Crash Your iPhone When This Link Is Texted

Are smartphones making teenagers depressed? A new bug that crashes iPhones has been found in Apple's iOS software. The new bug called chaiOS takes down the smartphones using a vulnerability in the Messages app.  ( Chris McGrath | Getty Images ) A new bug has been discovered in Apple’s iOS...

Best affordable Android phones you can buy [January 2018]

There are new smartphones hitting the market constantly, but which is the best to pick …

New Apple Campus Coming Soon, Part Of $350 Billion Investment Into US Over Next 5 Years

Are smartphones making teenagers depressed? Apple is looking to open a second campus, as part of a $350 billion contribution to the U.S. economy over the next five years. The plan, which will create 20,000 more jobs, received approval from U.S. President Donald Trump.  ( Josh Edelson | Getty Images )...

Leave a Reply

Your email address will not be published. Required fields are marked *