Kaspersky Lab’s researchers have discovered that more and more cyber criminals are turning their attention to malicious software that mines cryptocurrencies at the expense of users’ mobile devices. These criminals are getting greedier and now use not only malware, but also risk tools, hiding mining capacities in popular football and VPN applications to profit from hundreds of thousands of victims without their knowledge.

 

When a computer show signs of slowing down, many tend to blame viruses. But in the case of smartphones — sluggishness, overheating, or short battery life are usually put down to age. Time to buy a new one, people say. In fact, there is a chance that the problem may lie elsewhere — hidden mining, to be precise.

 

When it comes to mining, computing power matters. Of course, in terms of performance, mobile devices cannot hope to compete with desktop computers armed with the latest graphics cards. But in the eyes of cybercriminals, the sheer number of devices makes up for their lack of power. For those accustomed to feeding off other people’s processing power, the millions of devices out there present an opportunity too juicy to ignore.

 

It’s actually alarmingly simple to infect a smartphone or tablet with a hidden miner. There’s no need for the device owner to knowingly install a miner or download an app from a dubious source. Hidden miners can be picked up by downloading and running seemingly innocuous apps available on the official Google Play store.

 

Miners on Google Play
Typical miners pretending to be handy tools or games don’t perform as described — instead, they show ads and covertly mine for cryptocurrency. But Google Play and other official stores keep out such fakes or, if they do manage to sneak in, quickly find and remove them. Therefore, malicious apps of this sort are distributed mainly through forums and nonofficial stores. The problem for cybercriminals is that too few people download anything from such resources.

 

But they found a way around that particular problem: If an app actually does what is promised in its description, and the malware is neatly disguised, it may slip through. That’s already happened — an attempt to create a smartphone-based botnet bypassed the safeguards on Google Play and a number of other app stores. Kaspersky Lab experts recently found several other specimens as well, this time with built-in miners.

 

The most popular apps we found of this type were soccer-related: a family of apps with names including PlacarTV (placar means score in Portuguese), one of which had been downloaded more than 100,000 times. It contained the Coinhive miner, which mined Monero coins while users streamed games. It’s a clever ruse, and not that easy to spot: Your mind is on the match, and watching videos heats up the phone and drains the battery anyway, just like the miner does, so you’ll have no reason to be suspicious.

 

Our experts also found a miner in a free VPN app called Vilny.net. This malware’s trick was to keep tabs on the phone’s temperature and battery. It then suspended mining as needed to avoid overheating or draining the device and attracting the owner’s attention.

 

A more detailed and technical post on this miner is available on Securelist.

 

Kaspersky Lab has alerted Google about these apps, and the soccer-related ones have been removed from the Google Play store — Vilny.net is still available in the store, though. What’s more, there is no guarantee that some other apps with hidden miners won’t sneak in there in the future. So staying safe from them is up to users.

 

“Our findings show that authors of malicious miners are expanding their resources and developing their tactics and approach to perform more effective crypto-currency mining. They are now using legitimate thematic applications with mining capacities to feed their greed. As such, they are able to capitalize on each user twice – firstly via an ad display, and secondly via discreet crypto-mining,” said Roman Unuchek, security researcher at
Kaspersky Lab.

 

How to guard against hidden miners on Android

  • If your smartphone is behaving oddly, don’t ignore it. If it heats up quickly and loses power for no apparent reason, it might be infected. You can find out if an app has suddenly started eating too much battery with a special app such as Kaspersky Battery Life (available from Google Play for free).
  • When looking for new apps, take the developers of those apps into account. Software from reputable developers is far less likely to contain infections.
  • Disable the ability to install applications from sources other than official app stores
  • Keep the OS version of your device up to date in order to reduce vulnerabilities in the software and lower the risk of attack

RECOMMENDED ARTICLE FOR TECHWORLD


 
Kaspersky Lab Reveals PH Threat Landscape, Advocates Public-Private Collaboration in its First CyberSecurity Summit with the DICT
Techworld Date Posted: 7 August 2017 11:27 AM | 258 Views
The Department of Information and Communications Technology (DICT) Secretary Rodolfo Salalima (second from left) shakes hand with Kaspersky Lab Asia Pacific Managing Director Stephan Neumeier (third from left) during the media briefing for their.... See More
 
Kaspersky Lab Reveals PH Threat Landscape, Advocates Public-Private Collaboration in its First CyberSecurity Summit with the DICT
Techworld Date Posted: 11:27 AM | 258 Views
The Department of Information and Communications Technology (DICT) Secretary Rodolfo Salalima (second from left) shakes hand with Kaspersky Lab Asia Pacific Managing Director Stephan Neumeier (third from left) during the media briefing for their...See More

 
Businesses Stuck in a DDoS-Daze as Ineffective Strategies Leave Them Vulnerable to Attack
Techworld Date Posted: 22 May 2018 10:15 AM | 309 Views
Research from Kaspersky Lab has revealed that businesses are falling behind in the race to protect themselves from Distributed Denial of Service (DDoS) attacks, due a reliance on others to do the job for.... See More
 
Businesses Stuck in a DDoS-Daze as Ineffective Strategies Leave Them Vulnerable to Attack
Techworld Date Posted: 10:15 AM | 309 Views
Research from Kaspersky Lab has revealed that businesses are falling behind in the race to protect themselves from Distributed Denial of Service (DDoS) attacks, due a reliance on others to do the job for...See More

 
Snake Oil: In Q2 Spammers Cashed in on WannaCry Epidemics to Promote Fraudulent Services for Protection against the Notorious Ransomware Attack
Techworld Date Posted: 4 September 2017 3:30 PM | 229 Views
In Q2 2017, cybercriminals involved in spam distribution tried to capitalize on public fears when the WannaCry ransomware epidemic struck in May. Knowing that there are lots of people out there infected with this.... See More
 
Snake Oil: In Q2 Spammers Cashed in on WannaCry Epidemics to Promote Fraudulent Services for Protection against the Notorious Ransomware Attack
Techworld Date Posted: 3:30 PM | 229 Views
In Q2 2017, cybercriminals involved in spam distribution tried to capitalize on public fears when the WannaCry ransomware epidemic struck in May. Knowing that there are lots of people out there infected with this...See More

 
AOC, the Number One Monitor Brand in PH, Kicks Off SM Cybermonth as Major Partner
Techworld Date Posted: 20 August 2018 11:00 AM | 455 Views
Philippines’ number one monitor brand, AOC, made their presence known during SM Cybermonth, which was held at the SM Mall of Asia last August 3 and 4, by providing monitors for the main events.... See More
 
AOC, the Number One Monitor Brand in PH, Kicks Off SM Cybermonth as Major Partner
Techworld Date Posted: 11:00 AM | 455 Views
Philippines’ number one monitor brand, AOC, made their presence known during SM Cybermonth, which was held at the SM Mall of Asia last August 3 and 4, by providing monitors for the main events...See More

 
Transcend Introduces High-Performance PCIe NVMe M.2 SSDs for Consumer and Embedded Applications
Techworld Date Posted: 21 May 2018 3:23 PM | 397 Views
Transcend Information Inc., a leading manufacturer of storage and multimedia products, announced today the release of the MTE110S PCIe NVMe M.2 2280 SSD for the consumer market and the MTE550T PCIe NVMe M.2 2280.... See More
 
Transcend Introduces High-Performance PCIe NVMe M.2 SSDs for Consumer and Embedded Applications
Techworld Date Posted: 3:23 PM | 397 Views
Transcend Information Inc., a leading manufacturer of storage and multimedia products, announced today the release of the MTE110S PCIe NVMe M.2 2280 SSD for the consumer market and the MTE550T PCIe NVMe M.2 2280...See More

 
Businesses Most at Risk from New Breed of Ransomware
Techworld Date Posted: 20 September 2017 9:35 AM | 330 Views
While ransomware has long been one of the main cyber threats to businesses, the past number of months have seen organizations more exposed than ever.Symantec's latest research paper on ransomwarehas found that businesses were.... See More
 
Businesses Most at Risk from New Breed of Ransomware
Techworld Date Posted: 9:35 AM | 330 Views
While ransomware has long been one of the main cyber threats to businesses, the past number of months have seen organizations more exposed than ever.Symantec's latest research paper on ransomwarehas found that businesses were...See More

 
OPPO F7 Breaks New Ground in Capturing True Beauty
Techworld Date Posted: 21 April 2018 1:52 PM | 562 Views
Now available for Philippine smartphone users, the all-new, highly anticipated OPPO F7 brings forth a new standard to smartphone photography with a new 25MP front-facing camera, powered by a best-in-class A.I. Beauty Technology 2.0.... See More
 
OPPO F7 Breaks New Ground in Capturing True Beauty
Techworld Date Posted: 1:52 PM | 562 Views
Now available for Philippine smartphone users, the all-new, highly anticipated OPPO F7 brings forth a new standard to smartphone photography with a new 25MP front-facing camera, powered by a best-in-class A.I. Beauty Technology 2.0...See More

 
CORSAIR Launches New PSU, Coolers and Case at CES 2018
Techworld Date Posted: 9 January 2018 1:50 PM | 296 Views
CORSAIR®, a world leader in enthusiast memory, high-performance gaming hardware and PC components, today launched a range of PC enthusiast products, equipped with a host of new innovations and features to help PC builders.... See More
 
CORSAIR Launches New PSU, Coolers and Case at CES 2018
Techworld Date Posted: 1:50 PM | 296 Views
CORSAIR®, a world leader in enthusiast memory, high-performance gaming hardware and PC components, today launched a range of PC enthusiast products, equipped with a host of new innovations and features to help PC builders...See More

 
Smart Eye: Kaspersky Lab Discovers Severe Flaws That Could Transform Popular Smart Cameras into Surveillance Tool
Techworld Date Posted: 13 March 2018 4:32 PM | 267 Views
Kaspersky Lab researchers have discovered multiple security vulnerabilities in popular smart cameras that are frequently used as baby monitors, or for internal home and office security surveillance. According to the research, the uncovered flaws.... See More
 
Smart Eye: Kaspersky Lab Discovers Severe Flaws That Could Transform Popular Smart Cameras into Surveillance Tool
Techworld Date Posted: 4:32 PM | 267 Views
Kaspersky Lab researchers have discovered multiple security vulnerabilities in popular smart cameras that are frequently used as baby monitors, or for internal home and office security surveillance. According to the research, the uncovered flaws...See More

 
Realme C1: King of Entry Level Smartphones Is Now Ready for Its First Flash Sale on December 5th 12NN
Techworld Date Posted: 4 December 2018 5:07 PM | 81 Views
Realme Philippines, the newest game changer smartphone brand in the Philippines recently unveiled its first smartphone in the country, the Realme C1.. See More
 
Realme C1: King of Entry Level Smartphones Is Now Ready for Its First Flash Sale on December 5th 12NN
Techworld Date Posted: 5:07 PM | 81 Views
Realme Philippines, the newest game changer smartphone brand in the Philippines recently unveiled its first smartphone in the country, the Realme C1.See More


Power by

Download Free AZ | Free Wordpress Themes