Crap battery life? Criminals may be using your phone to mine bitcoins

2 Apr 201417 Shares

Share on FacebookTweet about this on TwitterShare on LinkedInShare on Google+Pin on PinterestShare on RedditEmail this to someone

Share on FacebookTweet about this on TwitterShare on LinkedInShare on Google+Pin on PinterestShare on RedditEmail this to someone

Shorter battery life on your Android smartphone may be caused by malware that is involved in mining for various digital currencies, including bitcoin and dogecoin, according to security firm Trend Micro.

Researchers have found that malware in the wild is contributing to shorter battery life and increased wear and tear on mobile devices.

“The researchers originally found ANDROIDOS_KAGECOIN as repacked copies of popular apps, such as Football Manager Handheld and TuneIn Radio,” said Veo Zhang, a mobile threats analyst at Trend Micro.

He said the apps were injected with the CPU mining code from a legitimate Android cryptocurrency mining app; this code is based on the well-known cpuminer software. To hide the malicious code, the cyber-criminal modified the Google Mobile Ads portion of the app.

Every doge has his pay day

doge 1

“The miner is started as a background service once it detects that the affected device is connected to the internet. By default, it launches the CPU miner to connect to a dynamic domain, which then redirects to an anonymous dogecoin mining pool.

“By February 17, his network of mobile miners has earned him thousands of dogecoins. After February 17, the cyber-criminal changed mining pools. The malware is configured to download a file, which contains the information necessary to update the configuration of the miner. This configuration file was updated, and it now connects to the well-known WafflePool mining pool. The bitcoins mined have been paid out (ie, transferred to the cyber-criminal’s wallet) several times,” Zhang said.

He added that the coin-mining apps were found outside the Google Play store.

However, Trend Micro has found the same behaviour of apps inside the Google Play store that may have been downloaded by millions of users.

“This means that there may be many Android devices out there being used to mine cryptocurrency for cyber-criminals,” Zhang said.

doge 3

Bitcoin on smartphone image via Shutterstock

Editor John Kennedy is an award-winning technology journalist.

editorial@siliconrepublic.com