Security experts warn of bitcoin mining malware

26 Apr 2014

Security experts have warned that Android owners who find their battery life failing could have had their phones hijacked by hackers for use in mining bitcoin, Mailonline reported.

They discovered 'rogue' apps that allowed hackers to mine for bitcoin in the background.

Although Google had already removed dozens of the apps, security firm Lookout warned there could be more out there.

According to researchers the rogue apps were available in Google's Play store - and secretly mined bitcoin in the background.

According to researchers the key signs were rapidly depleting battery and a handset that felt unusually warm.

They have also advised to ensure that the Android system setting 'Unknown sources' was unchecked to prevent installation of dropped or drive-by-download apps.

As a first line security measure users could download a mobile security app that protected against malware.

According to the firm it found a piece of mobile malware in Google Play that quietly used the processing power of the phone to create new coins.

Google removed five of these applications after Lookout alerted the company on the issue, but it was believed the apps had between 100-500 installs each at the time of removal.

The malware was similar to other mobile cryptocurrency-mining malware, but it came with some new tricks to keep it under the  radar, including only running when the display was turned off, the battery power was more than 50 per cent, with the device connected to the internet, according to Michael Bentley, head of research and response with Lookout, the mobile security company that discovered the malicious apps, SC Magazine reported.

Since Bitcoin mining required so much computing power, batteries ended up draining quickly and mobile devices tended to overheat, so the BadLepricon author implemented the aforementioned features to help prevent the malware from giving itself away.

However, mobile malware, in the final analysis was not the best way to go when it came to mining Bitcoin.

Bently said it was actually very inefficient, and in order to be successful in using mobile mining malware, one needed to have a network of thousands of phones at one's disposal. 

However, the processing power on phones was increasing and the more powerful these devices got, the more people would experiment with digital coin mining on them.

Although Google had an excellent screening process, certain malicious apps still were able to make it to the Google Play store due to the  arena being new and the fact that security had not been perfected.