Skip to main content

Android app by Indian developer caught mining bitcoins


Songs, an app probably used by a few million Indian Android users, was among the two apps recently caught covertly using smartphones for mining bitcoins and dogecoins. Security researchers at Trend Micro, a company that makes antivirus and other security applications, recently wrote in a blog that 'Songs' and 'Prized - Real Rewards & Prizes' were using smartphones to covertly mine for virtual currency. Mining virtual currency like bitcoin or dogecoin requires lots of computing power. If an app uses a smartphone to mine virtual currency, the process is likely to keep the processor running at 100%, resulting in poor battery life and heating of the device.
Trend Micro said the apps being used for bitcoin and dogecoin mining were injected with ANDROIDOS_KAGECOIN, a malware. "(Some) coin mining apps were found outside of the Google Play Store, but we have found the same behaviour in apps (Songs and Prized) inside the Google Play Store. These apps have been downloaded by millions of users, which means that there may be many Android devices out there being used to mine cryptocurrency for cybercriminals," a Veo Zhang, a mobile threat analyst with Trend Micro wrote in the blog.

"Analyzing the code of these apps reveal the cryptocurrency mining code inside. Unlike the other malicious apps, in these cases the mining only occurs when the device is charging, as the increased energy usage won't be noticed as much."

After the Trend Micro blog post, Prized and Songs were removed from the Play Store by Google.

Of the two, Songs was more popular. It was downloaded five to 10 million times and had a rating of 4 stars. Songs claimed to give users free access to Bollywood and songs in regional languages like Punjabi and Tamil.

On the Play Store, clicking on the developer's website specified in the description page of Songs let to an error. While the developer was listed as "Da Xpert" for the app, the email address of the app hinted it was created by one Mukesh Verma. TOI wrote to the specified email address, seeking response on the Trend Micro report, but did not receive any reply.

Trend Micro said that it believed "with thousands of affected devices, cybercriminal accumulated a great deal of dogecoins."

"Reading the app description and terms and conditions on the websites of these apps, users may not know that their devices may potentially be used as mining devices due to the murky language and vague terminology," wrote Zhang.

"Users with phones and tablets that are suddenly charging slowly, running hot, or quickly running out of batteries may want to consider if they have been exposed to this or similar threats," Zhang advised Android users.

Popular posts from this blog

LG’s first flexible OLED phone due before the year is out

LG plans to launch a flexible OLED smartphone before the end of the year, the company’s VP of mobile has confirmed, though it’s unclear to what extent the work-in-progress handset will actually flex. The OLED panel in question is the handiwork of LG Display according to VP of LG mobile Yoon Bu-hyun, the WSJ  reports, with the proposed device set to launch sometime in Q4. LG Display’s work on flexible OLEDs has been underway for some time, though the company’s efforts have perhaps been overshadowed somewhat by rival Samsung’s YOUM development. Last year, according to a Korea Times report, LG Display was preparing for

Syrian Electronic Army claims credit for CBS Twitter accounts hack

Yesterday, several of CBS ’s Twitter accounts were hacked, including its main account, and its accounts for 60 Minutes, 48 Hours, and CBS Denver. The hackers got into the account and tweeted a series of things relating to President Obama and the United States being in cahoots with Al-Qaeda . The tweets also had links that led users to malware-infested sites. While CBS was able to regain access to its accounts, it was unable to figure out who was behind the attacks, until now. The Syrian Electronic Army , the same group that hacked 3 of the BBC’s Twitter accounts, claimed

Can Technology Do a Better Job of Finding Bombs?

 With the horrifying images of the Boston Marathon bombing still much too fresh in our minds, and with citywide marathons coming up this weekend in London, Hamburg, and Salt Lake City , law enforcement officers and citizens everywhere are asking how to prevent the tragedy from being repeated. As Columbia University School of International and Public Affairs adjunct professor Abraham Wagner observed last year, on the 11th anniversary of 9/11, there’s “no magic bullet o