Yesterday it was revealed by the security researching firm, Trend Micro, that there is malicious code that mines cryptocurrency which has been found in Android applications. These appear to be compromised applications where there was a specific exploit available to the hackers.
The code was initially released as an interesting way for webmasters to mine cryptocurrency while users visit websites (in place of traditional advertising). However, this has been exploited by a number of hackers who have managed to insert the script in vulnerable websites thereby making the website an unwitting agent in the experiment.
The apps that were on the app store were legitimate apps. One was a free prayer app whereas the other was a discount and coupon scanning application. The researchers were able to identify at least 25 applications that had been compromised with the code inserted into them. These apps included mining libraries as well as malicious code.
They advised those users who had android devices that they should keep an eye on the CPU usage on their devices. These are usually the signs that something is running in the background and using your device without your knowledge. The researchers also stated that:
these threats highlight how even mobile devices can be used for cryptocurrency mining activities, even if, in practice, the effort results in an insignificant amount of profit.
After they had discovered the exploits, they contacted Google to let them know of the compromised applications. Although Google did remove these particular applications, there is still a concern that there are many others that are lurking out there. Moreover, if these managed to avoid the Google screen then it means that there may be many more out there.
The Danger of Mobile Apps
Although this is the first report of hackers using compromised applications to mine cryptocurrencies on your phone, we have seen apps being used for phishing scams. Last week, it was reported that the Google play store had fake Poloniex applications on them. These were disguised as official applications and stole user login credentials on the exchange.
If these disclosures show one thing, it is that hackers and “mineware” are finding ways to take advantage of you through the applications that you download. Be careful what you install and always make sure they are clean and authentic.
Featured Image via Fotolia