Monero miner malware found lurking behind Android apps
The user may, however, notice the sluggishness and increased temperature of the device, owing to the constantly high CPU usage by the miner. One such site offers apps disguised as an installer for popular apps available on Google Play, such as antivirus apps, games, utilities and more. The rise of CoinHive and CoinMiner comes on the heels of another malicious miner found on third-party sites called Loapi, which poses as popular antivirus and adult content apps.
It downloads and installs several modules, each of which performs different actions, like sending device information to a remote server, stealing SMS, pulling in advertisements, crawling webpages, creating a proxy and mining Monero. Sites housing these are blocked before the user can stumble upon contaminated pages.
Admins were instead presented with alerts for PUA detections and could manually choose from three possible options: Cleanup, Authorize or Acknowledge. However, that changed last month as SophosLabs began to see ever more sneaky behavior from the likes of CoinHive.
Given the parasitic nature of these types of cryptominers, we now tag them as malware to be blocked when users stumble upon a site harboring them. SophosLabs reported the latest discoveries to Google, which has since removed the offending apps from Google Play.
Bill Brenner: Infosec writer, podcaster and community builder, content strategist and senior writer at Sophos.