Some Android apps found mining cryptocurrencies via code injection


It seems like every week we’re writing a new story about Android malware. A new report from Trend Micro suggests several apps on Google Play have been using native code injection to load dynamic JavaScript script in order to mine cryptocurrency. Two apps in particular were discovered using this method which can increase the wear and tear on your device, reduce battery life,  and it can lead to a significant decrease in performance for your device.

Trend Micro detected the malicious code being used in two apps, both of which have over 50,000 downloads on the Google Play Store. One is a rosary app, while the other is designed to help you find discounts from various sites.

Both apps work the same way by loading a JavaScript library from Coinhive and begin mining using the attacker’s Coinhive site key. Trend Micro was able to analyze some of the samples of code to determine that these malicious apps are generating a profit for their users. In one example, the attacker made over $170 USD over an unknown period.

Trend Micro has alerted Google to the offending apps and they’ve since been removed from the Google Play Store, but this is just more evidence that you shouldn’t install some of the shadier apps without knowing fully what they do.
Writer, gamer, and classical music whistler. I have an undying love of indie games and unique apps.

    Moto X4 is now available for purchase, price starts at $329

    Previous article

    T-Mobile support page leaks upcoming HTC U11 Life in full glory

    Next article

    You may also like


    Leave a reply

    Your email address will not be published. Required fields are marked *

    More in Apps