Two Play Store apps secretly mine cryptocurrency

Trend Micro has recently published a report that two apps in Google’s Play Store were found to feature malware codes that allows it to mine crytpocurrency on Android devices without users’ knowledge.

songs_prizes_malware

The two apps mentioned were Songs by Da Xpert and Prized – Real Rewards & Prizes by Prized. According to Trend Micro, the apps feature the malware ANDROIDOS_KAGECOIN.HBTB that mines for various digital currencies like Bitcoin, Litecoin, and Dogecoin when installed on an Android device. It even has a specific instruction to only mine when the device is charging. Mined coins will then be transferred to the malware maker’s account then cashes them in.

dogecoinfigure7

Since mining for crytpocurrencies require a big deal of CPU and GPU resource, bandwidth, and power, it would cause devices to suddenly become hot, charge slowly, or quickly run out of battery.

Clever as the attack is, whoever carried it out may not have thought things through. Phones do not have sufficient performance to serve as effective miners. Users will also quickly notice the odd behavior of the miners – slow charging and excessively hot phones will all be seen, making the miner’s presence not particularly stealthy. Yes, they can gain money this way, but at a glacial pace.

Users with phones and tablets that are suddenly charging slowly, running hot, or quickly running out of batteries may want to consider if they have been exposed to this or similar threats. Also, just because an app has been downloaded from an app store – even Google Play – does not mean it is safe.

Trend Micro has already informed the Google Play security team about the issue. At the time of writing, the apps mentioned above are still available in the Play Store. Prized currently has at least 50,000 installs while Songs has been installed for at least 5,000,000 times.

{via} {source}

The post Two Play Store apps secretly mine cryptocurrency appeared first on YugaTech | Philippines, Tech News & Reviews.

Two Play Store apps secretly mine cryptocurrency

Trend Micro has recently published a report that two apps in Google’s Play Store were found to feature malware codes that allows it to mine crytpocurrency on Android devices without users’ knowledge.

songs_prizes_malware

The two apps mentioned were Songs by Da Xpert and Prized – Real Rewards & Prizes by Prized. According to Trend Micro, the apps feature the malware ANDROIDOS_KAGECOIN.HBTB that mines for various digital currencies like Bitcoin, Litecoin, and Dogecoin when installed on an Android device. It even has a specific instruction to only mine when the device is charging.

dogecoinfigure7

Since mining for crytpocurrencies require a big deal of CPU resource, bandwidth, and power, it would cause devices to suddenly become hot, charge slowly, or quickly run out of battery.

Clever as the attack is, whoever carried it out may not have thought things through. Phones do not have sufficient performance to serve as effective miners. Users will also quickly notice the odd behavior of the miners – slow charging and excessively hot phones will all be seen, making the miner’s presence not particularly stealthy. Yes, they can gain money this way, but at a glacial pace.

Users with phones and tablets that are suddenly charging slowly, running hot, or quickly running out of batteries may want to consider if they have been exposed to this or similar threats. Also, just because an app has been downloaded from an app store – even Google Play – does not mean it is safe.

Trend Micro has already informed the Google Play security team about the issue. At the time of writing, the apps mentioned above are still available in the Play Store. Prized currently has at least 50,000 installs while Songs has been installed for at least 5,000,000 times.

{via} {source}

The post Two Play Store apps secretly mine cryptocurrency appeared first on YugaTech | Philippines, Tech News & Reviews.

Kasperksy discovers most sophisticated Android Trojan

Kaspersky Labs recently posted at the SecureList.com blog page that they have discovered what appears to be “the most sophisticated Android Trojan,” the Backdoor.AndroidOS.Obad.a

evil_android

Roman Unuchek, a Kaspersky Lab Expert, wrote that the Android Trojan is “a multi-functional Trojan, capable of the following: sending SMS to premium-rate numbers; downloading other malware programs, installing them on the infected device and/or sending them further via Bluetooth; and remotely performing commands in the console.” Kaspersky Lab’s products detect the malicious program as Backdoor.AndroidOS.Obad.a.

The Backdoor.AndroidOS.Obad.a uses a series of previously unknown Android exploits and advanced concealment techniques to infect an Android device. The infection most likely starts as an innocent app or command asking for administrator privileges. Once installed the malicious application cannot be deleted and further digs into the system by obtaining root privileges.

android_malware

The malware then collects the following information then communicates them to its owner’s server in encrypted form:

* MAC address of the Bluetooth device
* Name of operator
* Telephone number
* IMEI
* Phone user’s account balance
* Whether or not Device Administrator privileges have been obtained
* Local time

Once the information listed above is sent, the malware owners can then execute commands on the infected device through SMS, eliminating the need for a working internet connection. From there the infected device can stealthily send charged SMS and spread to other devices via Bluetooth.

According Unuchek, the Backdoor.AndroidOS.Obad.a “looks closer to Windows malware than to other Android Trojans in terms of its complexity and the number of unpublished vulnerabilities it exploits.”

The good news is, despite its advanced capabilities, the malware isn’t widespread. Kaspersky Labs also already informed Google about the Device Administrator vulnerability in Android.

To conclude, as Android devices become more advanced, malware catering to this open source OS is rapidly evolving as well. It is still advisable to use mobile security solutions and practice caution when installing apps especially those coming outside the Google Play Store.

{via} {source} {image source}

The post Kasperksy discovers most sophisticated Android Trojan appeared first on YugaTech | Philippines, Tech News & Reviews.