UPDATED 23:04 EDT / SEPTEMBER 24 2018

APPS

Malicious apps with hidden cryptomining script found in Google Play – again

Despite numerous promises from Google LLC and occasional crackdowns, cryptojacking apps — apps that hijack a mobile device to mine cryptocurrencies — have once again been discovered in the Google Play store.

A week after a report from the Cyber Threat Alliance found that cryptomining detections spiked 459 percent this year, securities researcher at Sophos Ltd. Monday said they’ve discovered at least 25 Android apps in the official Google Play store containing code that mines cryptocurrencies in the background.

The apps were disguised as games, utilities and educational apps, but unbeknown to downloaders, they contain embedded code from Coinhive that enables the app to mine for the Monero cryptocurrency. Eleven of the 25 apps were preparation apps for standardized tests given in the U.S. published by a single developer account called “Gadgetium.”

Combined, the discovered apps are believed to have been downloaded around 120,000 times.

In an arguable positive, the apps were found to be using throttling to limit processor usage by mining. That means they were less likely to be detected or cause mayhem in the process such as device overheating, high battery drain and overall device sluggishness, something seen by some code used in cryptojacking attacks last year.

The Sophos researchers said they informed Google of the apps in August, but only a few have been removed, leaving the majority available for download.

In Google’s defense, it is a numbers game with Google Play and detecting these apps is sometimes like finding a needle in a haystack. Nonetheless, Sophos researchers argued, if they can find them, so should Google. In this case, a simple scan for Coinhive code embedded in apps allowed the researchers to discover the malicious apps.

Image: Sophos

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU