Cyber security firm Sophos discovered 19 Android apps being circulated in the Google Play Store in February this year that load an instance of the Coinhive script without the user's knowledge. The hackers' strategy is to disguise the malware as antivirus or adult content apps, which download and install modules.
These apps download and install several modules that perform different actions, ranging from stealing SMS messages to creating a proxy and mining Monero [XMR]. This slows the phone down and heats it up because of the strain on the CPU.
Similarly, security firm Trend Micro has discovered HiddenMiner, an Android malware. Its name comes from its ability to prevent itself from being discovered and removed. The malware is built to mine Monero.
A Twitter user commented:
“Hackers have become so sly that they have started hiding Monero cryptominers in a picture of Scarlett Johansson!”
These apps abuse device administrator features to remain hidden and run in the background until the device runs out of power or fails due to overheating. The malware retains administrator privileges by locking the device's screen, using a flaw in the Android operating system.
The researchers also found mining pools and wallets linked to the malware; one of the pool operators withdrew an amount close to $5,000, which is almost 26 XMR.
Lorin Wu, a mobile threats analyst with Trend Micro, wrote:
“This is similar to the Loapi Monero-mining Android malware, which other security researchers observed to have caused a device’s battery to bloat. In fact, Loapi’s technique of locking the screen after revoking device administration permissions is analogous to HiddenMiner’s.”
A security researcher who goes by the name Elliott commented:
“I don’t think these apps are the original apps. The ‘hacker’ modified it and repacked it and after that, he uses multiple dropper apps to distribute these modified apps. Only the package name and the app name have been changed and I just dug up more and in fact, this is the same app 291 times which means there are 291 applications with different icons and names.”
The emergence of apps such as Coinminer, Loapi, etc. has brought about a new era of cryptocurrency hacking. To prevent their phones from being used for unauthorized mining, Android users should refrain from installing APKs from unauthorized sources and rely on verified apps on the Google Play Store and other legitimate businesses.