ForexMinute.com – Is your phone burning inside your pockets? Is it recharging slower than usual? Are you an Android user? Have you downloaded the apps ‘Songs’ and ‘Prized’ from the official Google Play store?
If your answer to the aforementioned questions is yes, antivirus provider Trend Micro has one good and one bad news for you. The good news is that your mobile is mining Bitcoin, Litecoin and Dogecoin – the most popular cryptocurrencies on Earth; the bad news is, that it is mining it for somebody else and you won’t get a penny for it. It’s a hack eventually, as per mentioned in some random IT security bible.
And how it is happening, explains a blog published on Tuesday by the Trend Micro’s Mobile Threat Analyst Veo Zhang, who confirms the aforementioned apps to have a malware (detected as ANDROIDOS_KAGECOIN.HBT). This malware, as per mentioned in the blog, has the capabilities to mine various cryptocurrencies, including the celebrated ones like Bitcoin, Litecoin and Dogecoin.
“The researchers,” writes Veo “originally found ANDROIDOS_KAGECOIN as repacked copies of popular apps such as Football Manager Handheld and TuneIn Radio. The apps were injected with the CPU mining code from a legitimate Android cryptocurrency mining app; this code is based on the well-known cpuminer software.”
The Malware has a Heart Too
One can wonder that the hackers simply would not depend on one smartphone to generate blocks of cryptocurrencies, as the latter do not have enough hardware support that could support such a heavy processing. It thus might be using different smartphones all at once. Also, the blog mentions that the malware only mines cryptocurrencies only when the smartphone is recharging, which eventually prevents the batteries to drain quickly.
Although, the smartphones are still subjected to overheating, and also consumed a large amount of bandwidth as well.
Who to Blame?
The app makers first, as they haven’t mentioned anything like hackers using smartphones to mine dear Bit, Lite and Doge. “Users may not know that their devices may potentially be used as mining devices due to the murky language and vague terminology,” says the blog.
And second and last, the Google Play store for failing to recognize the malware at first place. The organization have also not released any statement yet. Though, it has removed the apps from the store upon the warning.
A Very Bad Tip
See if you can utilize this malware for your own good. After home devices, mine cryptocurrencies via smartphones; that’s quite an era in itself.
To contact the writer of the article: Yashu Gola at firstname.lastname@example.org