Rogue Android Apps Mine Currency From Your Phone​

Malicious hackers are always on the lookout for ways to make money without expending much effort, but their latest antics may yield more melted smartphones than actual money. Some innocuous-sounding Android apps apparently contain hidden software that "mines" the cryptocurrencies Bitcoin, Litecoin and Dogecoin; doing so can shorten battery life and overheat devices, but won't make much money in the process.

Reports of two similar — and possibly related — Android malware packages come from San Francisco-based security firm Lookout and Tokyo-based security firm Trend Micro. By piggybacking on apps with legitimate functions, the ANDROIDOS_KAGECOIN and CoinKrypt malware can turn any Android device into a cryptocurrency miner.

MORE: What Is Bitcoin?

Bitcoin, Litecoin and Dogecoin all share a few distinguishing traits. Proponents argue that they are safer than traditional credit-card purchases, as they do not tie a buyer to his or her personal information. Mining, or producing, cryptocurrency is, in theory, a mutually beneficial process: You volunteer your computer to carry out complex mathematical calculations, and in return, you slowly build up your own stock of coins.

Bitcoin is the most prominent form of cryptocurrency. Litecoin is a less valuable, more user-friendly version of the same idea, while Dogecoin started as a joke about a popular Internet meme involving a Shiba Inu dog and evolved into something approximating a legitimate form of currency.

What's troubling is when coin-mining programs come hidden in other programs. Corrupted versions of Android apps such as Football Manager Handheld, TuneIn Radio, Songs and Prized allegedly hide the ANDROIDOS_KAGECOIN and CoinKrypt software. Not only have some of these apps successfully made it past the theoretically rigorous Google Play screening process, but all four have millions of downloads among them. At least two were still available for installation in the Google Play store this morning (March 27).

The coin-mining malware cannot compromise any personal data, but they can still pose a threat to Android devices. Coin-mining software is extremely resource-intensive, especially when mining Bitcoin, and generally designed for powerful PCs.

While it's possible to run coin-mining processes on a phone or tablet, doing so rapidly drains the battery life within hours and can cause severe overheating. (At least one of the malware packages mines coins only when a device is recharging.) Since it transmits a great deal of information online, it can also eat through a user's data plan at a fantastic rate.

In theory, if enough users install and use these programs, the mastermind behind the malware could make some money. However, even with millions of users, generating enough data to mine Bitcoins would be incredibly inefficient. This may be why both malware packages also mine less valuable currencies, like Litecoin and Dogecoin, which require fewer functions to generate a coin.

If you've downloaded one of the infected apps, simply uninstalling it should get rid of the mining operation. Failing that, a mobile security suite can also get rid of the offending software.

Follow Marshall Honorof @marshallhonorofand on Google+. Follow us @tomsguide, on Facebook and on Google+.

Create a new thread in the Streaming Video & TVs forum about this subject
This thread is closed for comments
    Your comment
    Kinda smart ingenious lol, 100k phones could do a lot!
  • house70
    I am not buying this. Not only the mining process would be extremely slow and resource-hungry, but also very unyielding, since processing power needed to generate currency is well above what a smartphone can do. Besides, any user that has his device drained in a couple of hours would recourse to any means necessary to solve that, including factory reset. I call complete BS on this "find" from, guess who? two companies that want to sell you their apps. As a complete irony, as of my writing, the first 3 comments on this article are spam, 2 of them linking to spamming websites.
  • techguy911
    LOL bit coin mining on a cell phone even a quad core is not powerful enough to mine anything hell even a top end gaming system does not have enough power to break even on the power cost used to mine bitcoins.CPU's are useless for bitcoin mining the difficulty level is much to high even for GPU mining.