Researchers searching through the official Google Play store have dug up a trove of Android apps that were found to be mining bitcoin, the popular crypto-currency.
Smartphones can mine bitcoins, but at an unpleasant rate. The newly uncovered, BadLepricon, as named by its creators, appears to be the newest malicious bitcoin miner targeting the smartphone market. The BadLepricon bitcoin miner was found to be hidden inside five Google Play store applications. Each application was reported to have anywhere from 100 to 500 downloads each.
Google promptly removed the malicious applications from the Play store after security research firm, Lookout, reported them. This is not the first time malicious bitcoin mining applications have been uploaded to the Google Play store. Just last month security researchers at Lookout spotted a collection of applications laced with the Coinkrypt malware. The applications spotted last month were recorded to have over six million downloads in total.
The applications reported to be distributing BadLepricon were wallpaper applications. Meghan Kelly at Lookout security stated, “These apps did fulfill their advertised purpose in that they provided live wallpaper apps, which vary in theme from anime girls to “epic smoke” to attractive men” in a blog post. “However, without alerting you in the terms of service, BadLepricon enters into an infinite loop where — every five seconds — it checks the battery level, connectivity, and whether the phone’s display was on.”
The malicious bitcoin miner had a unique way of keeping off the radar. BadLepricon only mined coins when the battery level was of 50 percent or higher, to prevent victims from knowing their device was infected. While the application did check for battery life, it in turn most likely damaged devices. Bitcoin mining can be a vigorous action using a number of hardware resources. While BadLepricon was mining, the device would most likely heat up, slow down, and cause the device to overheat or abuse the processing power to extreme lengths.
Security researchers report the BadLepricon malware was laced with various features. Unique features included the ability to seamlessly change mining pools, or Bitcoin wallets.
The discovery of malicious applications inside the Google Play store is a struggle for Android users who depend on their smartphone to be the “all-on-one” and retain private data. The regular discovery of malicious and fraudulent applications is troubling to say the least. Many researchers ask why third party security firms are frequently spotting these applications before Google?