Security researchers at Kaspersky have identified crypto mining malware in various apps and games in the Google Play store with a secret function: they’re using your Android device’s processor to mine cryptocurrencies.
Cryptomining malware, also known as cryptojacking, is malicious software that generates a crypto-currency in order to make use of users’ computers or Android devices without their knowledge.
Worried that your phone’s recent slowdown might be because it’s getting old? Well, hold that upgrade: it could be down to Android cryptojacking. Here’s what’s going on, and what you can do to stop it.
Cryptomining Malware on Android
Cryptomining is one type of malicious software that uses device resources without permission. In addition, the malware takes advantage of the device’s computing power to carry out some complex computational tasks. To carry out complex tasks, cryptomining malware utilises the device’s processing and computing power.
This means that Cryptomining Malware makes use of the computing power of the device to mine digital currency that is used to purchase various items in online stores. The amount of computational power that an infected device is capable of utilizing, also known as hash rate, determines the rate at which the mined crypto-cash is generated. This can make your battery drain very fast.
Note: Even websites can run Coinhive without your knowledge. We’ve previously looked at websites that use your CPU for cryptocurrency mining.
The Cryptojacking Risk to Android Users
As Dinha notes, “The apps appear to have legitimate functionality, yet the real goal is to provide CPU power to mine a cryptocurrency called Monero.” Getting these apps listed on Google Play appears to have been based on producing apps that run as per the description and hiding the cryptojacking code within the app.
Having this sort of software on your smartphone is a bit of a risk to system stability. It might also reduce the lifespan of your device. “Draining a device CPU could lead to super slow functionality,” says Dinh. “Long-term overheating could ultimately damage the device.”
It’s difficult to tell if an app or game you installed has a cryptojacking miner hidden within. However, in some cases, you can tell if your device has been subjugated to the crypto mining shenanigans of a scammer. Your phone may slow, and your web browser may open popup windows.
However, Dinha isn’t confident that it is easy to spot cryptojacking:
“Some of these malicious programs are quite advanced and are able to monitor CPU usage and even the temperature of the device to avoid causing the user to suspect the app.”
How Can You Stop Hidden Cryptominers?
Although Google has addressed the issue and begun removing suspicious apps from the Play Store, there is every chance that other apps (perhaps by other scammers) might repeat this.
Francis Dinha gives us three basic rules for protecting against this malware:
- Be wary of free applications.
- Don’t install apps from untrusted sources.
- Keep your device updated.
It is worth checking your device CPU’s performance, regardless of any steps taken by the scammers to hide activity. Dinha advises users to “go to task manager settings and check to see if the device CPU performance is unusually high. If so […] shut down or close running apps. If there is no change in performance… suspect a malicious malware.”
We should underline this. Using an Android device to mine cryptocurrency can cause considerable damage to the phone. Some phones might be totally unsuitable and lock up when the mining script is launched. Others might appear to manage the extra load, but run hotter than usual.
As a rule of thumb, your smartphone shouldn’t be running consistently hot. This is why smartphone cameras shut off on hot days when in video mode. Basically, hot phones are a problem!
Watch That Battery Usage!
There are other steps to take if you suspect cryptojacking, or just want to check. Android makes it simple to determine the battery usage of particular apps.Avoid apps that claim to boost your battery, though, as they’re mostly useless and could even be mining Monero on your phone themselves.
Meanwhile, it would be best to always be confident of the developer’s reputation before installing an app. Big-name developers and those with a good history of strong apps should be trustworthy. No-name developers are more likely to sneak cryptojacking into their apps.
Android Cryptojacking: Don’t Get Jacked!
Cryptojacking is a concerning new cybersecurity development, and one that requires vigilance. When there is an opportunity to make money, scammers will take it. They’ll use any means at their disposal, even if that means your mobile device.
So, bear in mind Dinha’s recommendations, and stay alert for drive-by-mining scripts with a few important guidelines:
- Be wary of free applications.
- Avoid untrusted third-party marketplaces.
- Rely on trusted app publishers.
- Always update your device.
- Watch CPU performance.
- Monitor your phone’s temperature.
- Install reputable security software on Android.