Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: G+ Digg Delicious Reddit Facebook Twitter StumbleUpon

finds crypto store published apps play miners android google kaspersky

Kaspersky Finds Crypto Miners in Android Apps Published on Google Play Store
Quote:One of the apps was downloaded over 100,000 times

Security company Kaspersky has come across several Android apps published on the Google Play Store that come bundled with cryptocurrency miners.

The Russian vendor says most of the apps were published in the sports section and offered capabilities like streaming in an attempt to hide the spike in resource usage caused by crypto mining.

A Portuguese soccer streaming app, for instance, was downloaded more than 100,000 times, Kaspersky says, and it bundled a miner that kicked in once users started streaming. This way, the malicious code was harder to detect by users because a spike in CPU usage is expected when streaming.

“The apps access the server. This same domain is used in the developer’s email address specified in the Google Play store. Unbeknown to visitors, the site runs a script that mines cryptocurrency,” Kaspersky notes.

The security company says that crypto miners were bundled into many other apps, including a discount aggregator that instead of opening sites with products available at a reduced price, it actually loaded pages with cryptocurrency mining code.

Apps already removed from the Google Play store
Also interesting was an app called Crypto Mining for Children that claimed to mine crypto for charity.

“The description contained no word about where or how the coins would be spent — something that any bona fide fundraising organization would publish. What’s more, the name of the developer bore a striking resemblance to that of a well-known mobile app (a cryptocurrency wallet), but with one letter missing. That’s a common trick used by phishers,” the firm says.

Google has already been informed about these apps, and Kaspersky says that all them were removed based on these findings, which means users should already be secure.

Customers that installed apps like these are recommended to run security solutions that could detect crypto miners, or at least keep an eye on unusual CPU activity that could be a sign of malicious code bundled into apps.

You are not allowed to view links. Register or Login to view.

Possibly Related Threads...
Thread Author Replies Views Last Post
  Google Engineer Finds Zero-Day Flaw in Microsoft Browser mrtrout 0 57 12-21-2018 , 02:44 AM
Last Post: mrtrout
  Third-Party Investigation Finds No Malicious Chips on Supermicro Motherboards mrtrout 0 49 12-12-2018 , 12:51 AM
Last Post: mrtrout
  New Crypto-Miner Attacks Linux Machines, Kills Other Miners and Anti-Malware mrtrout 0 76 11-26-2018 , 04:02 AM
Last Post: mrtrout
  Fake Apps in Google Play Get over Half a Million Installs tarekma7 0 126 11-22-2018 , 12:06 PM
Last Post: tarekma7
  Quick Heal finds over 180 million threats to Windows OS mrtrout 1 255 09-22-2018 , 07:28 AM
Last Post: tregs_beales

Forum Jump:

Users browsing this thread: 1 Guest(s)