This article has been created in order to help explain what is Coin Miner mobile malware and how to remove it from your Android device effectively.
Mobile devices hashing for cryptocurriencies is something that is out of a science fiction movie. However, an experiment did take place using old Samsing Galaxy smartphones to mine for crypto. The fact that smartphones hashing power can also be used for mining cryptocurrency such as Bitcoin has brought mining malware to mobile devices as well, hiding behind malicious applications on the Google PlayStore. According to Trend Micro, those apps were advertised as legitimate applications seem helpful. In reality however, they begin to use the mobile device’s resources in order to mine for cryptocurrencies, such as Bitcoin and Monero as well as multiple altcoins. Since they both belong to the Coin Miner family of viruses, if you have seen your smartphone to become slow, and freeze at times, recommendations are to read this article and learn how to remove the Android Coin Miner malware effectively from your computer.
Threat Summary
Name | Android Miner Virus |
Type | Android Miner Malware |
Short Description | Uses JavaScript to mine for cryptocurrencies on your smartphone or tablet Android device. |
Symptoms | A “lid” named folder, created on your Android device’s flash memory. |
Distribution Method | Via applications uploaded on Google Play store, containing malicious JavaScript code.. |
Detection Tool |
See If Your System Has Been Affected by malware
Download
Malware Removal Tool
|
User Experience | Join Our Forum to Discuss Android Miner Virus. |
Android Miner Virus How Did I Get It
There are several variations of the Android Miner family of viruses, most of them using the Coinive JavaScript to connect the victim’s Android device to a Coinhive miner account. The detections are known to be the following, according to Trend Micro’s report:
- ANDROIDOS_JSMINER
- ANDROIDOS_CPUMINER
- ANDROIDOS_KAGECOIN
There is one way that these apps use to slither onto your computer – false advertising. They are reported to pretend to be legitimate applications that can help improve your smartphone experience In one way or another. The following applications have been flagged since the first detection, but malware researchers feel convinced that there may be more of those types:
Source: Trend Micro
Android Miner Virus – Analysis
The way these apps work is after you download them and install them on the Android device, they trigger the Coinhive JavaScript library code:
This code connects your device to a mining pool for the crypto-currency Monero. This results in the miner malware being able to mine for the crypto-currency BitCoin. This may result in the cryptocurrency being mined to the account of the cyber-criminals at your smartphone’s expense. The cyber-crooks strongly rely on infecting as many devices as possible, because unlike with computers, on smartphones you cannot have the possibility to check which process is using your GPU and CPU to mine. They also expect to infect a lot of devices, because the hashing power strongly increases, so Android users, beweare.
Some of those miners do not only connect to big cryptocurrencies, but use easily minable ones, such as:
- Magicoin
- Feathercoin
- VertCoin
- MiriyadCoin
- Unitus
The mining procedure also results in a folder created on the Android device’s flash memory. The mining operaion can generate a lot of money for cyber-crooks, especially if a lot of devices are infected. Researchers believe that such applications and malware is only likely to increase by the numbers in the future.
Remove Android Miner Virus from Your Android
In order to remove this malware, a simple deletion of the app won’t cut it, because a JavaScript code is created on your Android device. This results in the malware being able to stay persistent on your device, even after you remove the app. This is why we have created the removal instructions down below.
- Guide 1: How to Remove Android Miner Virus from Windows.
- Guide 2: Get rid of Android Miner Virus from Mac OS X.
- Guide 3: Remove Android Miner Virus from Google Chrome.
- Guide 4: Erase Android Miner Virus from Mozilla Firefox.
- Guide 5: Uninstall Android Miner Virus from Microsoft Edge.
- Guide 6: Remove Android Miner Virus from Safari.
- Guide 7: Eliminate Android Miner Virus from Internet Explorer.
Windows Mac OS X Google Chrome Mozilla Firefox Microsoft Edge Safari Internet Explorer
How to Remove Android Miner Virus from Windows.
Step 1: Boot Your PC In Safe Mode to isolate and remove Android Miner Virus





Step 2: Uninstall Android Miner Virus and related software from Windows
Here is a method in few easy steps that should be able to uninstall most programs. No matter if you are using Windows 10, 8, 7, Vista or XP, those steps will get the job done. Dragging the program or its folder to the recycle bin can be a very bad decision. If you do that, bits and pieces of the program are left behind, and that can lead to unstable work of your PC, errors with the file type associations and other unpleasant activities. The proper way to get a program off your computer is to Uninstall it. To do that:



Step 3: Clean any registries, created by Android Miner Virus on your computer.
The usually targeted registries of Windows machines are the following:
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce
You can access them by opening the Windows registry editor and deleting any values, created by Android Miner Virus there. This can happen by following the steps underneath:



Before starting "Step 4", please boot back into Normal mode, in case you are currently in Safe Mode.
This will enable you to install and use SpyHunter 5 successfully.
Windows Mac OS X Google Chrome Mozilla Firefox Microsoft Edge Safari Internet Explorer
Get rid of Android Miner Virus from Mac OS X.
Step 1: Uninstall Android Miner Virus and remove related files and objects
1. Hit the ⇧+⌘+U keys to open Utilities. Another way is to click on “Go” and then click “Utilities”, like the image below shows:
- Go to Finder.
- In the search bar type the name of the app that you want to remove.
- Above the search bar change the two drop down menus to “System Files” and “Are Included” so that you can see all of the files associated with the application you want to remove. Bear in mind that some of the files may not be related to the app so be very careful which files you delete.
- If all of the files are related, hold the ⌘+A buttons to select them and then drive them to “Trash”.
In case you cannot remove Android Miner Virus via Step 1 above:
In case you cannot find the virus files and objects in your Applications or other places we have shown above, you can manually look for them in the Libraries of your Mac. But before doing this, please read the disclaimer below:
You can repeat the same procedure with the following other Library directories:
→ ~/Library/LaunchAgents
/Library/LaunchDaemons
Tip: ~ is there on purpose, because it leads to more LaunchAgents.
Step 2: Scan for and remove Android Miner Virus files from your Mac
When you are facing problems on your Mac as a result of unwanted scripts and programs such as Android Miner Virus, the recommended way of eliminating the threat is by using an anti-malware program. SpyHunter for Mac offers advanced security features along with other modules that will improve your Mac’s security and protect it in the future.
Windows Mac OS X Google Chrome Mozilla Firefox Microsoft Edge Safari Internet Explorer
Remove Android Miner Virus from Google Chrome.
Step 1: Start Google Chrome and open the drop menu
Step 2: Move the cursor over "Tools" and then from the extended menu choose "Extensions"
Step 3: From the opened "Extensions" menu locate the unwanted extension and click on its "Remove" button.
Step 4: After the extension is removed, restart Google Chrome by closing it from the red "X" button at the top right corner and start it again.
Windows Mac OS X Google Chrome Mozilla Firefox Microsoft Edge Safari Internet Explorer
Erase Android Miner Virus from Mozilla Firefox.
Step 1: Start Mozilla Firefox. Open the menu window
Step 2: Select the "Add-ons" icon from the menu.
Step 3: Select the unwanted extension and click "Remove"
Step 4: After the extension is removed, restart Mozilla Firefox by closing it from the red "X" button at the top right corner and start it again.
Windows Mac OS X Google Chrome Mozilla Firefox Microsoft Edge Safari Internet Explorer
Uninstall Android Miner Virus from Microsoft Edge.
Step 1: Start Edge browser.
Step 2: Open the drop menu by clicking on the icon at the top right corner.
Step 3: From the drop menu select "Extensions".
Step 4: Choose the suspected malicious extension you want to remove and then click on the gear icon.
Step 5: Remove the malicious extension by scrolling down and then clicking on Uninstall.
Windows Mac OS X Google Chrome Mozilla Firefox Microsoft Edge Safari Internet Explorer
Remove Android Miner Virus from Safari.
Step 1: Start the Safari app.
Step 2: After hovering your mouse cursor to the top of the screen, click on the Safari text to open its drop down menu.
Step 3: From the menu, click on "Preferences".
Step 4: After that, select the 'Extensions' Tab.
Step 5: Click once on the extension you want to remove.
Step 6: Click 'Uninstall'.
A pop-up window will appear asking for confirmation to uninstall the extension. Select 'Uninstall' again, and the Android Miner Virus will be removed.
Windows Mac OS X Google Chrome Mozilla Firefox Microsoft Edge Safari Internet Explorer
Eliminate Android Miner Virus from Internet Explorer.
Step 1: Start Internet Explorer.
Step 2: Click on the gear icon labeled 'Tools' to open the drop menu and select 'Manage Add-ons'
Step 3: In the 'Manage Add-ons' window.
Step 4: Select the extension you want to remove and then click 'Disable'. A pop-up window will appear to inform you that you are about to disable the selected extension, and some more add-ons might be disabled as well. Leave all the boxes checked, and click 'Disable'.
Step 5: After the unwanted extension has been removed, restart Internet Explorer by closing it from the red 'X' button located at the top right corner and start it again.