Malicious Android apps recently detected in the Google Play store are being used to mine cryptocurrency from victim devices, security firm Trend Micro reported in a blog post.
Despite the novelty of cryptocurrencies, this isn’t the first time that Trend Micro has detected such apps in the Google Play store. Back in March 2014, the ANDROIDOS_KAGECOIN app was being used to mine currencies like Bitcoin, Litecoin, and Dogecoin.
SEE: Mobile device computing policy (Tech Pro Research)
The example Trend Micro shared of an ANDROIDOS_CPUMINER app was that of a free wallpaper app called Car Wallpaper HD: mercedes, ferrari, bmw and audi. The ANDROIDOS_CPUMINER is known for taking legitimate apps and repacking them with mining libraries and distributing them, the post said. Trend Micro identified at least 25 samples of ANDROIDOS_CPUMINER.
There is such a thing as a legitimate cpuminer library, the post said, but this app relies on an augmented version of that. The legitimate version goes up to 2.5.0, but the malicious version uses 2.5.1, the post said.
Various types of cryptocurrencies are being mined with these apps, but the total amount that has been generated is unknown. The post did say, however, that the criminals have mined at least $170 so far. For the amount of work, the payout is a pittance.
While mobile devices aren’t really useful for generating cryptocurrency, these apps can still impact users by limiting performance and reducing battery life, the post said.
Trend Micro said in the post that it has reached out to Google and the example apps listed above have been removed.
The 3 big takeaways for TechRepublic readers
- The attackers have only made about $170 from the mining, but these apps will reduce battery life and limit performance of victim devices.