To Top

Trend Micro Discovers Malware In Google Play Store That Mines Dogecoins

Two new threats to Android mobile devices have been discovered by security software company Trend Micro. The two apps, one of which has more than one million downloads, mines cryptocurrency such as Dogecoin and Litecoin whenever the device is plugged in for charging. This results in a shorter battery life of a device and will hasten its wear and tear.


The two apps in question are Songs (1 to 5 million installations) and Prized (10,000 to 50,000 installations) both of which mine Dogecoin or Litecoin which it then converts to Bitcoin. It was also discovered that the app creators have cashed in several times already.

Mining for cryptocurrency uses the CPU and GPU of a device and is oftentimes resource intensive. This is the reason why most miners use powerful computers to do this task. Mobile devices that have less powerful processors may also be used however the amount of cryptocurrency that will be mined is going to be very little and will take a longer amount of time. However, if a person can harness the power of millions of mobile devices then the amount mined could be significant enough.

The mobile apps Songs and Prized both contain a new malware called ANDROIDOS_KAGECOIN.HBTB. This malware has a cryptocurrency mining capability that allows it to mine Dogecoins, Litecoins, and Bitcoins. This malware was originally discovered in repacked copies of apps such as Football Manager Handheld and TuneIn Radio which are downloaded from unofficial sources. Now it appears that the malware has made its way inside of the Google Play store.

Trend Micro was able to analyze the code of both of these apps and discovered the cryptocurrency mining code inside. To make itself difficult to detect it only activates when the infected device is charging itself so that the increased energy usage will not be discovered. The company said that “We believe that with thousands of affected devices, cybercriminal accumulated a great deal of Dogecoins.”

One of the weaknesses of this malware is that it can easily be detected even if a device does not have a security app installed in it. As mobile devices do not make effective miners, consumers will easily notice that their phone or tablet takes a long time to charge and that their device gets excessively hot. These two characteristics indicate that an app is running in the background making use of the processor.

Trend Micro further said that “Users with phones and tablets that are suddenly charging slowly, running hot, or quickly running out of batteries may want to consider if they have been exposed to this or similar threats. Also, just because an app has been downloaded from an app store – even Google Play – does not mean it is safe.”

via trendmicro

  • Brainy

    I wondered how long it would be before we started seeing genuine threats to tablets and smartphones. I’ve had antivirus installed on all my mobile devices ever since I bought them for just this reason.

  • nullset

    Bitcoin is all over the place right now so I am not surprised that there are known threats are out there in order to get people out of their coins. The ones that we should be worried about are the unknowns.

  • OSpotter

    Whoever made this app should have something in place so that their coding can’t be changed without their authorization. Can anyone go into Google Play and change coding on apps or was it someone on the inside of the company?

  • Brad

    Interesting. These don’t actually harm your devices permanently, though?

  • Brad

    I personally haven’t found a need for antivirus yet. I think I am pretty low risk, considering I usually only use fairly well known apps made by big corporations, like Facebook and Gmail

  • Brad

    What’s interesting is that Bitcoin has become such a big deal that people are finding it necessary to do this for maximum profit.

  • Brad

    I think it has to be someone inside of the company. However, now that the malware has been discovered, I’m sure it’ll be off the Google Play Store very quickly.

  • David Argus

    Wow, so malwares have made their way into the Play Store. That is serious threat.

  • Kimsulen

    I use similar apps but that does not mean a big company can still not get compromised. I mean Facebook changes things all of the time but who is to say they are never a target of someone out there who feels like checking out what they can break into?

  • Anderson Lewis

    If malwares are inserted through popular apps, what guarantee does an ordinary citizen have that other apps in Google Play are not doing the same thing?

  • Brad

    If Facebook does have a break in, there are algorithms in place to stop harm. That said, whoever would break into it could do little to no harm.

  • Raybert Eichmann

    I don’t understand how bitcoin works but it surely is making waves right now so it’s not that surprising that malwares are being created to hack it.
    I guess we better stick with “reputable” apps for now.

More in Tech News