Thursday, 27 March 2014

Report: Android Malware Is Mining Bitcoin While You Recharge

Some Android users have noticed their phones and tablets are charging slowly and heating up quickly while plugged in. They actually may have a major issue on their hands.

A new strain of malware found in various popular apps is reportedly stealing digital currency, taxing the device's processor and battery while it charges, according to a researcher at antivirus firm Trend Micro. It's believed the malware has affected "thousands of devices."

The malware — called ANDROIDOS_KAGECOIN.HBT — has been detected in Android apps coming from the Google Play store, including Songs, Football Manager Handheld and TuneIn Radio.

"This malware uses a victim’s phone resources to 'mine' crytpocurrencies like Bitcoin," Christopher Budd, Trend Micro's threat communications manager, told. "In essence, the victim’s phone is put to work to make money for the attacker."

The malware could result in shorter battery life, increased wear and tear and lead to a shorter device lifespan. Budd said users should uninstall the affected apps immediately.

"This show that mobile is becoming as dangerous — if not more dangerous than the PC. Malware focused on cryptocurrency has been a problem on the PC-platform for some time and PC-based threats are now migrating to the mobile platform."

The apps were infected with CPU mining code from an Android cryptocurrency mining app. To hide the code, the cybercriminal modified the Google Mobile Ads portion of the app, the report said.

"Clever as the attack is, whoever carried it out may not have thought things through. Phones do not have sufficient performance to serve as effective miners," a Trend Micro researcher said in a blog post. "Users will also quickly notice the odd behavior of the miners — slow charging and excessively hot phones will all be seen, making the miner’s presence not particularly stealthy. Yes, they can gain money this way, but at a glacial pace."