Promo2day
Kaspersky Finds Crypto Miners in Android Apps Published on Google Play Store - Printable Version

+- Promo2day (https://www.promo2day.com)
+-- Forum: News Center (https://www.promo2day.com/forumdisplay.php?fid=21)
+--- Forum: Security News (https://www.promo2day.com/forumdisplay.php?fid=52)
+--- Thread: Kaspersky Finds Crypto Miners in Android Apps Published on Google Play Store (/showthread.php?tid=23531)



Kaspersky Finds Crypto Miners in Android Apps Published on Google Play Store - tarekma7 - 04-16-2018

Quote:One of the apps was downloaded over 100,000 times

Security company Kaspersky has come across several Android apps published on the Google Play Store that come bundled with cryptocurrency miners.


The Russian vendor says most of the apps were published in the sports section and offered capabilities like streaming in an attempt to hide the spike in resource usage caused by crypto mining.

A Portuguese soccer streaming app, for instance, was downloaded more than 100,000 times, Kaspersky says, and it bundled a miner that kicked in once users started streaming. This way, the malicious code was harder to detect by users because a spike in CPU usage is expected when streaming.

“The apps access the placartv.com server. This same domain is used in the developer’s email address specified in the Google Play store. Unbeknown to visitors, the site placartv.com runs a script that mines cryptocurrency,” Kaspersky notes.

The security company says that crypto miners were bundled into many other apps, including a discount aggregator that instead of opening sites with products available at a reduced price, it actually loaded pages with cryptocurrency mining code.

Apps already removed from the Google Play store
Also interesting was an app called Crypto Mining for Children that claimed to mine crypto for charity.

“The description contained no word about where or how the coins would be spent — something that any bona fide fundraising organization would publish. What’s more, the name of the developer bore a striking resemblance to that of a well-known mobile app (a cryptocurrency wallet), but with one letter missing. That’s a common trick used by phishers,” the firm says.

Google has already been informed about these apps, and Kaspersky says that all them were removed based on these findings, which means users should already be secure.

Customers that installed apps like these are recommended to run security solutions that could detect crypto miners, or at least keep an eye on unusual CPU activity that could be a sign of malicious code bundled into apps.

You are not allowed to view links. Register or Login to view.