Trend Micro Discovers Malware In Google Play Store That Mines Dogecoins

Two new threats to Android mobile devices have been discovered by security software company Trend Micro. The two apps, one of which has more than one million downloads, mines cryptocurrency such as Dogecoin and Litecoin whenever the device is plugged in for charging. This results in a shorter battery life of a device and will hasten its wear and tear.


The two apps in question are Songs (1 to 5 million installations) and Prized (10,000 to 50,000 installations) both of which mine Dogecoin or Litecoin which it then converts to Bitcoin. It was also discovered that the app creators have cashed in several times already.

Mining for cryptocurrency uses the CPU and GPU of a device and is oftentimes resource intensive. This is the reason why most miners use powerful computers to do this task. Mobile devices that have less powerful processors may also be used however the amount of cryptocurrency that will be mined is going to be very little and will take a longer amount of time. However, if a person can harness the power of millions of mobile devices then the amount mined could be significant enough.

The mobile apps Songs and Prized both contain a new malware called ANDROIDOS_KAGECOIN.HBTB. This malware has a cryptocurrency mining capability that allows it to mine Dogecoins, Litecoins, and Bitcoins. This malware was originally discovered in repacked copies of apps such as Football Manager Handheld and TuneIn Radio which are downloaded from unofficial sources. Now it appears that the malware has made its way inside of the Google Play store.

Trend Micro was able to analyze the code of both of these apps and discovered the cryptocurrency mining code inside. To make itself difficult to detect it only activates when the infected device is charging itself so that the increased energy usage will not be discovered. The company said that “We believe that with thousands of affected devices, cybercriminal accumulated a great deal of Dogecoins.”

One of the weaknesses of this malware is that it can easily be detected even if a device does not have a security app installed in it. As mobile devices do not make effective miners, consumers will easily notice that their phone or tablet takes a long time to charge and that their device gets excessively hot. These two characteristics indicate that an app is running in the background making use of the processor.

Trend Micro further said that “Users with phones and tablets that are suddenly charging slowly, running hot, or quickly running out of batteries may want to consider if they have been exposed to this or similar threats. Also, just because an app has been downloaded from an app store – even Google Play – does not mean it is safe.”

via trendmicro

12 Replies to “Trend Micro Discovers Malware In Google Play Store That Mines Dogecoins”

  1. I don’t understand how bitcoin works but it surely is making waves right now so it’s not that surprising that malwares are being created to hack it.
    I guess we better stick with “reputable” apps for now.

  2. If Facebook does have a break in, there are algorithms in place to stop harm. That said, whoever would break into it could do little to no harm.

  3. If malwares are inserted through popular apps, what guarantee does an ordinary citizen have that other apps in Google Play are not doing the same thing?

  4. I use similar apps but that does not mean a big company can still not get compromised. I mean Facebook changes things all of the time but who is to say they are never a target of someone out there who feels like checking out what they can break into?

  5. I think it has to be someone inside of the company. However, now that the malware has been discovered, I’m sure it’ll be off the Google Play Store very quickly.

  6. What’s interesting is that Bitcoin has become such a big deal that people are finding it necessary to do this for maximum profit.

  7. I personally haven’t found a need for antivirus yet. I think I am pretty low risk, considering I usually only use fairly well known apps made by big corporations, like Facebook and Gmail

  8. Whoever made this app should have something in place so that their coding can’t be changed without their authorization. Can anyone go into Google Play and change coding on apps or was it someone on the inside of the company?

  9. Bitcoin is all over the place right now so I am not surprised that there are known threats are out there in order to get people out of their coins. The ones that we should be worried about are the unknowns.

  10. I wondered how long it would be before we started seeing genuine threats to tablets and smartphones. I’ve had antivirus installed on all my mobile devices ever since I bought them for just this reason.

Comments are closed.