Skip to main content

Android apps infected with cyptocurrency mining malware

A little bit of mining malware tucked into Android apps

Security researchers have discovered new malware on Android devices that mines for cryptocurrencies like Bitcoin.

The ANDROIDOS_KAGECOIN.HBT malware has been bundled with some popular apps in the Google Play store, some of which have been downloaded by millions of users, according to TrendMicro.

CPU mining code from a legitimate Android mining app, based on the popular cpuminer software, was injected into the apps to make them earn money for cybercriminals.

Digging deep

The malware mines for Bitcoin, Litecoin, and Dogecoin. Since mining uses a lot of battery power, the code only kicks in when the device is being charged, cleverly disguising the infection from users.

However, users may be alerted by the fact that their smartphone takes forever to charge or seems to be constantly hot.

The news follows a recent report on the Linux.Darlloz worm, which has also begun mining for cryptocurrencies on Internet of Things devices.

While mining on mobile devices is slow and not terribly profitable, these malware show that cybercriminals are willing to try their hand at anything to get money. Thousands of devices are believed to be infected.

Google has been informed of the latest Android threat.

Via ArsTechnica