On Monday security research firm Trend Micro revealed malicious code that mines crypto currencies hidden in compromised Android apps. As Bitcoin prices reach ever skyward a darker side to the industry will inevitably seep in and with it those that aim to illegally and immorally take advantage of vulnerable systems and users.
The compromised apps on Google’s Play Store were legitimate, the first being ‘Recitiamo Santo Rosario Free’, a Catholic prayer app and ‘SafetyNet Wireless’ app offering internet discounts. So far 25 legitimate versions of apps have been hijacked to include mining libraries and malicious code, including a popular one which offers car wallpapers for free.
Security researchers advised users to keep an eye on CPU usage, especially if it is high; this could be a sign that malware or ‘mineware’ has been injected onto the device. Analysts went on to state that ‘these threats highlight how even mobile devices can be used for cryptocurrency mining activities, even if, in practice, the effort results in an insignificant amount of profit.’
TrendLabs contacted Google to get the compromised apps removed from its app store but there is still the concern that they managed to circumnavigate the tech giant’s screening process. If the malicious mining code was injected after the apps were publish it raises more questions on whether Google is responsible for ongoing security checks on apps in its store and on its mobile operating system in general.
Cyber criminals have been all over Coin Hive this year and its malicious code has been disseminated across vulnerable servers, websites and ultimately end users computers. With cryptos being so lucrative at the moment we can only advise that users stay vigilant, only download trusted apps, and look out for erratic device behavior.