Cryptocoin Mining Malware Infects Millions Of Android Devices

A security research firm has found at least two apps in the Google Play store that include code for mining cryptocoin. Researchers at Trend Micro identified the apps as “Songs” and “Prized.” Since both of the apps in question have been downloaded between one million and five million times, it is possible that as many as ten million Android devices have been infected with the cryptocoin-mining code.

The discovery is significant because of the high number of downloads both of the apps have received, and because both of the apps were available for download in the Google Play store. It is not uncommon for hackers to append cryptocoin-mining code to repackaged versions of popular apps and make them available for download outside of the Google Play store, but the fact that two popular apps available inside the official Android marketplace were infected with the malware raises serious concerns about the security of Google Play in general.

According to technology expert, Jason Hope, ( the Play store’s status as an open marketplace is bound to raise security concerns.

“We’re talking about two major apps that have both been downloaded millions of times, not just some small-time thing that was thrown together by a fly-by-night operation,” explained Mr. Hope. “Google Play was always meant to be a relatively open platform, and that’s always been a good thing in terms of innovation and the variety of apps that were available for download. However, with that openness was always going to come some degree of risk. How Google responds to this announcement will say a lot about how much of a priority security really is for them.”

The mining code seizes control of a mobile device’s processing capability once it detects that the device is connected to the Internet. The miner will then operate in the background while connected to an anonymous mining pool, without the owner’s awareness. The extra processing power and battery life that the miner saps from the devices can cause numerous problems for devices owners, including the need to charge batteries frequently, which can in turn cause the battery to wear down over time and eventually require replacement.

The Trend Micro report said that the apps it identified actually did include a request to run the miner in the terms and conditions that users are required to agree with when downloading the apps. However, the report says that most users agreed to download the apps anyway because of the vague language used in the terms and conditions. According to the tech expert, this highlights one of the key problems with security in the Play store.

“It’s one thing to ask for disclosure in terms and conditions statements, but it’s another thing entirely to require terms and conditions that people can actually understand. The average app user is not a lawyer, so they may not have any idea what they’re agreeing to when they click “OK” to install an app. This is just one particularly blatant example of app manufacturers using vague language to bamboozle users, but it’s something that happens all the time, even with legitimate app developers.”

The announcement also creates more questions about the security of cryptocoin, in the wake of the recent Mt. Gox insolvency. The bitcoin exchange, which was the largest and most visible crytocoin exchange in the world at the time, lost as much as $400 million worth of bitcoin due to poor security. Even though the code in question was taken from a legitimate cryptocoin mining app and then repurposed as malware, just the very fact that cryptocoin was associated with a security breach could be enough to give observers a bad feeling.

“It’s only been in the past year or so that your average consumer started to become aware of cryptocoin, and then we had Mt. Gox, which was an absolute fiasco, from a public relations standpoint. The whole idea of cryptocurrency is that it’s supposed to exist as a part of an open community, without the need for governmental regulations. If we keep getting one story after another that seems to indicate that the community isn’t functioning properly, that really draws into question what future cryptocoin has on a large scale.”

About Author:  Amy Taylor is a business and technology writer.  Amy began her career as a small business owner in Phoenix, AZ.  She enjoys writing about business technology trends.  When she isn’t writing, she enjoys hiking with her Alaskan Malamute, Sam.