Hackers Are Using Google Play Store Apps to Secretly Mine Cryptocurrencies

Cryptocurrencies have gained a lot of momentum over the last few years. The value of digital coins like Bitcoin has grown exponentially and as such, it seems that everyone is looking to get their hands on a few coins here and there. There are two simple ways you can explore to get your hands on the coins. The first option is to buy them from someone who owns them. This might not be the most affordable idea. After all, coins like Bitcoin are now going for as high as $11,000.

The second option is to actually mine the coins. Mining is basically the process of generating the coins using computers and other devices. The process involves solving a lot of complex mathematical problems. You will need very high processing power to do this. But people are doing it and it turns out that hackers are actually using some apps on the Google Play Store to mine coins on Android devices.

Sin título

According to a cyber security company called Sophos, 19 apps that are actively used to mine cryptocurrencies on the Android platform were discovered on Google Play Store for PC. The apps are designed to mine the Monero coin. The 13-page report by the security company said that they found apps within the Play Store that contained a Coinhive miner.

The scale in which these apps have been used is also very shocking. The Sophos report says that one of the listed apps has been installed tens of thousands of times. For example, the Algorithms and Data Structures tutorial app has been installed between 10,000 and 50,000 times.

Sin título

However, this doesn’t come as a surprise. For many cyber security experts, the current crypto craze has been pushing hackers to a whole new level. Leveraging on other people’s devices to mine coins is not just simple but also very clever. What makes this even worse is that the malicious Coinhive code that’s used to mine the currencies is very well hidden. It can run on the background of any device without the user knowing it.

However, because the process of mining requires a lot of processing power, the only hint you can get is your phone slowing down unexpectedly. In addition to this, the device might warm up without too much activity. But the hackers have already gotten smarter at this. Sophos notes that the criminals are actually employing CPU throttling to prevent the processor from heating up. This practically conceals Coinhive’s presence and it will take a thorough inspection for anyone to know what’s going on.

The cyber security company also added that the hackers are hiding the malicious JavaScript code in a HTML file located in the apps assets folders. The app runs these scripts in a hidden web browser located within the program. This is when the mining of Monero starts.

But this is not the only way that hackers are using to take control of user’s devices to mine cryptocurrencies at Google Play Store for PC. Sophos says that that the use of “third-party mining modules” has become quite popular. The most commonly used third-party module is known as CoinMiner. The audit by Sophos found that several popular apps on Google Play Store had been tampered with using these third-party mining modules.

However, some of the affected applications have already been eliminated by Google. The report by Sophos is a clear indication that Android devices are no longer safe from the grasp of hackers who use them to mine digital currencies. However, this is not new information. An earlier report released by a different company called Malwarebytes revealed that there are uniquely developed malwares that could mine cryptocurrencies quietly on Android devices without the users knowing it.

The company also found a lot of websites that took advantage of users who visited them to mine Monero. All you need to do is enter a CAPTCHA code and your device will be hooked. For a regular Android user, knowing what apps are legit on Play Store download for PC and which ones they should avoid can be very hard. However, you still have to do whatever you can to avoid these malicious apps.

Sophos says that the best way to take care of this issue is to avoid installing apps from third-party providers. Sophos has also developed a new mobile security app that’s designed to detect cryptocurrency mining on the background. The company strongly recommends the installation of this security app.

Although avoiding third-party apps is a good start, from the recent audit at Play Store download for PC, it’s clear that these malwares have managed to infiltrate even the Play Store. Having an extra layer of security is definitely a big advantage. Nonetheless, this won’t be the last time that we will hear hackers using malware to mine cryptocurrencies in other people’s devices.