It was only a matter of time before someone coded a piece of software which mines digital currencies without the phone’s owner having any idea of such mining taking place. In this case, it’s the ANDROIDOS_KAGECOIN.HBT malware, which mines Bitcoin, Litecoin and Dogecoin. As of right now, more than a million Android users have been affected.
The exploit, initially discovered by Trend Micro late last week, means that once the coins are mined, it immediately pays them to an address, hard-coded within the malware.
Of course, smartphones are extremely underpowered when it comes to the hardware requirements of mining coins at an acceptable rate, but if you combine the power of millions of smartphones, all mining at the same time, then you have one powerful supercomputer.
How to Prepare for CySEC’s New Tiered LeverageGo to article >>
Except, the coders behind the malware realise that their miner would be easily found out by the phones’ owners if it mined 24/7, since the battery would barely last for any respectable amount of time. Instead, the malware only mines for coins when the phone’s battery is being charged.
The strange thing is, the apps containing the infection were found inside the Google Play store. Even though the Android operating system accounts for the majority of malware found on smartphones, it’s rare to find them from within Google Play. Clearly, Google needs to beef up its security checks.
The malicious script is reported to have already acquired thousands of Dogecoins.