Google removes Android malware used to secretly mine bitcoin

Apr 27, 2014

If you own an Android device, your phone might be mining bitcoin without you even knowing it. Five applications were recently removed from the Google Play store after they were discovered to be covertly using Android devices to mine bitcoin.

Mining requires a lot of computing power to solve complex calculations in order to create more bitcoins. To get the job done, miners usually create systems with many computers.

But now, it seems that at least one miner has turned to malware to take advantage of unsuspecting users and add their into his or her mining system.

The mining apps that were recently removed worked by tricking users into downloading them by advertising themselves as wallpaper apps. Users thought they were getting an app with cool smartphone background images, but they were also getting an app that secretly used their device to mine bitcoin.

While users performed other tasks on their devices, the apps worked out bitcoin mining calculations in the background, draining users' batteries faster than normal.

Fortunately, the apps were removed by Google before any of them were downloaded by more than 500 users. The apps were first identified by Lookout, a company that makes security apps for mobile devices.

"Phones truly are tiny computers in your back pocket or purse," Lookout said in a blog post. "These devices are becoming more and more powerful, and people are starting to come up with ways to take advantage of that power."

Lookout has a system that constantly analyzes new apps for malware. It identified suspicious factors within these five apps, leading the company to examine them further. Lookout confirmed that they were malware apps mining bitcoin and then notified Google.

Lookout said it expects to see more mobile mining malware apps in the future.

"Unless you have mobile security software that scans your apps, such as Lookout, it'd be hard to tell if you're infected with mobile mining malware," said Michael Bentley, Lookout's head of research and response, in an email to the Los Angeles Times. "However, if your phone is rapidly losing battery power, overheating, or generally behaving outside what you would consider normal, mobile mining could be the issue."

The apps that were removed are Beating Heart Live Wallpaper, Mens Club Live Wallpaper, Epic Smoke Live Wallpaper, Urban Pulse Live Wallpaper, and Anime Girls Live Wallpaper. Lookout recommends that who installed these apps before they were taken off of Google Play remove them from their Android devices.

Explore further: Some British Airways frequent flier accounts miles breached

5 /5 (6 votes)
add to favorites email to friend print save as pdf

Related Stories

Android users get malware with their apps

Mar 02, 2011

( -- As new platforms make their way into the market there will always someone who is looking to exploit them for illegal or unethical ends. More proof of that fact has come today when Google was ...

Recommended for you

Does your password pass muster?

Mar 25, 2015

"Create a password" is a prompt familiar to anyone who's tried to buy a book from Amazon or register for a Google account. Equally familiar is that red / yellow / green bar that rates the new password's strength. ...

Beijing behind Internet security violation: group

Mar 25, 2015

China's cyberspace administration is "complicit" in attacks on major Internet companies including Google, an anti-censorship group said Wednesday, calling on firms worldwide to strengthen their defences.

House unveils cyber bill and signals bipartisan compromise

Mar 24, 2015

House intelligence committee leaders unveiled a bipartisan cybersecurity bill Tuesday amid signs of broad agreement on long-sought legislation that would allow private companies to share with the government details of how ...

User comments : 1

Adjust slider to filter visible comments by rank

Display comments: newest first

not rated yet Apr 28, 2014
What strikes me about this is it's not people stupidly putting viruses on their computing devices, it's about stupid people making viruses. I'll grant that kits make creating viruses relatively simple, but still - consider the amount of bitcoin this activity is likely to produce vs. the effort that went into deploying it. And apparently no expectation it would be discovered.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.