Android malware that are lurking around its Google Play store in vast numbers.
Recently, Google had offered users refund and additional credit of $5 for the bogus antivirus app 'Virus Sheild' that potentially defrauded more than 10,000 Android users who have downloaded the app from the Google play store. The step taken by Google is really appreciated, as the refunding cost Google around $269,000.
Now, it has been found that a number of malicious Android apps on the Google Play store secretly turn users’ android devices into small rigs contributing to a large-scale crypto currency mining operation.
CRYPTO MINER IN ANDROID APP
Security researchers from an anti-malware firm Lookout have identified various malware apps at Google Play Store, which they dubbed as ‘BadLepricon’ containing hidden crypto miner that stealthily exploit users’ android device to perform the cumbersome computational process without their knowledge.
BadLepricon malware was specially designed to be delivered via wallpaper apps and researchers found it in five separate apps masquerading as ‘Live Wallpaper Apps’ that had more than 100 of downloads each, according to a blog post published Thursday.
"These apps did fulfill their advertised purpose in that they provided live wallpaper apps, which vary in theme from anime girls to 'epic smoke' to attractive men," Meghan Kelly, a Lookout security communications manager, wrote in a company blog post. "However, without alerting you in the terms of service, BadLepricon enters into an infinite loop where -- every five seconds -- it checks the battery level, connectivity, and whether the phone's display was on."
DETECTING MOBILE MALWARE
So, if you found your mobile devices overheated harder than usual, then you may have malicious wallpaper installed in your Smartphones that could be secretly mining cryptocurrency without your knowledge, and once your device connects to the internet, the mining capabilities kick into action in the background.
Due to an increase in the value of digital coins, cyber criminals has added it in their watchlist and making every effort to steal your virtual money. As we know, coin mining is the key component for digital currencies and such malware does not steal data. Instead, they are capable of mining Bitcoin, Litecoin and Dogecoin using the victim's device.
Google expeditiously removed the malicious apps as soon as Lookout Mobile security firm reported it. This is not first time when an Android malware is targeting users’ Smartphones for mining crypto-currencies. Few weeks back researchers from the Antivirus firm Trend micro also spotted two such apps named - 'Songs' and 'Prized’ on Google play store that mined the Litecoin and Dogecoin cryptocurrencies without users’ knowledge, and was downloaded by more than one million users.