Skip to main content

Android app by Indian developer caught mining bitcoins

Songs, an app probably used by a few million Indian Android users, was among the two apps recently caught covertly using smartphones for mining bitcoins and dogecoins. Security researchers at Trend Micro, a company that makes antivirus and other security applications, recently wrote in a blog that 'Songs' and 'Prized - Real Rewards & Prizes' were using smartphones to covertly mine for virtual currency. Mining virtual currency like bitcoin or dogecoin requires lots of computing power. If an app uses a smartphone to mine virtual currency, the process is likely to keep the processor running at 100%, resulting in poor battery life and heating of the device.
Trend Micro said the apps being used for bitcoin and dogecoin mining were injected with ANDROIDOS_KAGECOIN, a malware. "(Some) coin mining apps were found outside of the Google Play Store, but we have found the same behaviour in apps (Songs and Prized) inside the Google Play Store. These apps have been downloaded by millions of users, which means that there may be many Android devices out there being used to mine cryptocurrency for cybercriminals," a Veo Zhang, a mobile threat analyst with Trend Micro wrote in the blog.

"Analyzing the code of these apps reveal the cryptocurrency mining code inside. Unlike the other malicious apps, in these cases the mining only occurs when the device is charging, as the increased energy usage won't be noticed as much."

After the Trend Micro blog post, Prized and Songs were removed from the Play Store by Google.

Of the two, Songs was more popular. It was downloaded five to 10 million times and had a rating of 4 stars. Songs claimed to give users free access to Bollywood and songs in regional languages like Punjabi and Tamil.

On the Play Store, clicking on the developer's website specified in the description page of Songs let to an error. While the developer was listed as "Da Xpert" for the app, the email address of the app hinted it was created by one Mukesh Verma. TOI wrote to the specified email address, seeking response on the Trend Micro report, but did not receive any reply.

Trend Micro said that it believed "with thousands of affected devices, cybercriminal accumulated a great deal of dogecoins."

"Reading the app description and terms and conditions on the websites of these apps, users may not know that their devices may potentially be used as mining devices due to the murky language and vague terminology," wrote Zhang.

"Users with phones and tablets that are suddenly charging slowly, running hot, or quickly running out of batteries may want to consider if they have been exposed to this or similar threats," Zhang advised Android users.

Popular posts from this blog

LG’s first flexible OLED phone due before the year is out

LG plans to launch a flexible OLED smartphone before the end of the year, the company’s VP of mobile has confirmed, though it’s unclear to what extent the work-in-progress handset will actually flex. The OLED panel in question is the handiwork of LG Display according to VP of LG mobile Yoon Bu-hyun, the WSJ  reports, with the proposed device set to launch sometime in Q4. LG Display’s work on flexible OLEDs has been underway for some time, though the company’s efforts have perhaps been overshadowed somewhat by rival Samsung’s YOUM development. Last year, according to a Korea Times report, LG Display was preparing for

Bing Apps for Windows 8 get major updates

Late least year, Microsoft rolled out a half dozen Bing Apps for Windows 8 users, each one focused on a specific category, such as travel and sports. The apps were designed to offer “immersive vertical experiences,” and now, about six months later, a big line of updates for them is being pushed out. Users can grab the updates now by heading into the Windows Store and selecting the updates notification.

How to fix black spot on Phone Screen!

An honest talk about how to fix the damaged Phone screens in a very short time.