Android Apps Secretly Mine Virtual Currencies

Using malicious software to mine cryptocurrencies on desktop PCs is nothing new, but now mobile phones are also being infected for the same reason. Any device that has sufficient compute power is able to contribute to a mining effort and therefore, some Android apps from Google Play and third-party markets are now being used to secretly install the mining software.

Even though the process is similar on both desktop PCs and mobile devices, people with infected smartphones are tipped off because of the battery drain that inevitably occurs. Researchers at two different security firms discovered the malicious apps and determined how they work once installed. The majority of infected applications are found on third-party Web sites but two (Songs and Prized) were on Google Play and as of this morning, Songs was still available.

The mining process requires a significant amount of resources, especially for popular digital currencies like Bitcoin and Litecoin. Instead of having banks validate transactions, user compute power is employed to validate the transactions and prevent fraud. In order to make the process worthwhile, units of the currency are given to the miners, providing a way for people to make money. But this has attracted hackers who can infect other devices in order to earn more.

Battery Drain

Outside of a slow computer, there are very few ways to tell if your PC has been infected with a mining script. That is not the case with mobile devices, since battery drain will usually occur if a piece of software is using too much energy.

Marc Rogers, a security researcher with Lookout Software, helped to discover the CoinKrypt mining script for digital currencies. In a blog post, Rogers explained that during his research it became clear that a phoneEUs battery and data plan could be impacted while the mining...

Comments are closed.