Two new threats to Android mobile devices have been discovered by security software company Trend Micro. The two apps, one of which has more than one million downloads, mines cryptocurrency such as Dogecoin and Litecoin whenever the device is plugged in for charging. This results in a shorter battery life of a device and will hasten its wear and tear.
The two apps in question are Songs (1 to 5 million installations) and Prized (10,000 to 50,000 installations) both of which mine Dogecoin or Litecoin which it then converts to Bitcoin. It was also discovered that the app creators have cashed in several times already.
Mining for cryptocurrency uses the CPU and GPU of a device and is oftentimes resource intensive. This is the reason why most miners use powerful computers to do this task. Mobile devices that have less powerful processors may also be used however the amount of cryptocurrency that will be mined is going to be very little and will take a longer amount of time. However, if a person can harness the power of millions of mobile devices then the amount mined could be significant enough.
The mobile apps Songs and Prized both contain a new malware called ANDROIDOS_KAGECOIN.HBTB. This malware has a cryptocurrency mining capability that allows it to mine Dogecoins, Litecoins, and Bitcoins. This malware was originally discovered in repacked copies of apps such as Football Manager Handheld and TuneIn Radio which are downloaded from unofficial sources. Now it appears that the malware has made its way inside of the Google Play store.
Trend Micro was able to analyze the code of both of these apps and discovered the cryptocurrency mining code inside. To make itself difficult to detect it only activates when the infected device is charging itself so that the increased energy usage will not be discovered. The company said that “We believe that with thousands of affected devices, cybercriminal accumulated a great deal of Dogecoins.”
One of the weaknesses of this malware is that it can easily be detected even if a device does not have a security app installed in it. As mobile devices do not make effective miners, consumers will easily notice that their phone or tablet takes a long time to charge and that their device gets excessively hot. These two characteristics indicate that an app is running in the background making use of the processor.
Trend Micro further said that “Users with phones and tablets that are suddenly charging slowly, running hot, or quickly running out of batteries may want to consider if they have been exposed to this or similar threats. Also, just because an app has been downloaded from an app store – even Google Play – does not mean it is safe.”