Android Miner Virus (Coin Miner) – How to Remove It from Your Mobile

This article has been created to help explain what the Coin Miner mobile malware is and how to remove it from your Android device effectively.

Mobile devices hashing for cryptocurrencies sounds like something out of a science fiction movie. However, an experiment did take place using old Samsung Galaxy smartphones to mine for crypto. The fact that smartphones’ hashing power can also be used for mining crypto has brought mining malware to mobile devices as well, hiding behind malicious applications on the Google Play Store. According to Trend Micro, those apps were advertised as legitimate applications that seem helpful. In reality, however, they begin to use the mobile device’s resources to mine for cryptocurrencies such as Bitcoin and Monero, as well as multiple altcoins. Since these apps belong to the Coin Miner family of viruses, if you have noticed your smartphone becoming slow and freezing at times, we recommend reading this article to learn how to remove the Android Coin Miner malware effectively from your device.

Threat Summary

Name: Android Miner Virus
Type: Android Miner Malware
Short Description: Uses JavaScript to mine for cryptocurrencies on your Android smartphone or tablet.
Symptoms: A folder named “lid”, created on your Android device’s flash memory.
Distribution Method: Via applications uploaded to the Google Play store, containing malicious JavaScript code.

Android Miner Virus – How Did I Get It

There are several variations of the Android Miner family of viruses, most of them using the Coinhive JavaScript to connect the victim’s Android device to a Coinhive miner account. According to Trend Micro’s report, the detections are known to be the following:

  • ANDROIDOS_JSMINER
  • ANDROIDOS_CPUMINER
  • ANDROIDOS_KAGECOIN

There is one way these apps slither onto your device: false advertising. They are reported to pretend to be legitimate applications that can help improve your smartphone experience in one way or another. The following applications have been flagged since the first detection, but malware researchers are convinced that there may be more of those types:

Source: Trend Micro

Android Miner Virus – Analysis

The way these apps work is that, after you download and install them on the Android device, they trigger the Coinhive JavaScript library code:

Source: Trend Micro

This code connects your device to a mining pool for the crypto-currency Monero. This results in the miner malware being able to mine for the crypto-currency Bitcoin. This may result in the cryptocurrency being mined to the account of the cyber-criminals at your smartphone’s expense. The cyber-crooks strongly rely on infecting as many devices as possible, because unlike with computers, on smartphones you cannot check which process is using your GPU and CPU to mine. They also expect to infect a lot of devices, because the hashing power strongly increases, so Android users, beware.

Some of those miners do not only connect to big cryptocurrencies, but use easily minable ones, such as:

  • Magicoin
  • Feathercoin
  • VertCoin
  • MyriadCoin
  • Unitus

The mining procedure also results in a folder created on the Android device’s flash memory. The mining operation can generate a lot of money for cyber-crooks, especially if a lot of devices are infected. Researchers believe that the number of such applications and malware is only likely to increase in the future.
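A defender-side check for the behaviour described in this section, as an added example that is not code from the article or from Trend Micro: it opens an APK as a zip archive and flags bundled web assets that reference the Coinhive library. The pattern list, the suffix list and the size limit are illustrative assumptions, and the sample APK is constructed in memory.

```python
import io
import re
import zipfile

# Strings tied to the Coinhive web miner: the library file name and the
# JavaScript constructors of its API. Illustrative list (an assumption of
# this example), not a complete signature set.
COINHIVE_PATTERNS = [
    re.compile(rb"coinhive(\.min)?\.js", re.I),
    re.compile(rb"\bCoinHive\.(Anonymous|User|Token)\s*\("),
]
TEXT_SUFFIXES = (".js", ".html", ".htm", ".xml", ".json")
MAX_ENTRY_SIZE = 5 * 1024 * 1024  # skip oversized entries (assumed limit)


def scan_apk(apk_bytes):
    """Return {entry_name: [matched strings]} for web assets inside an APK."""
    findings = {}
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as apk:
        for info in apk.infolist():
            if not info.filename.lower().endswith(TEXT_SUFFIXES):
                continue
            if info.file_size > MAX_ENTRY_SIZE:
                continue
            data = apk.read(info)
            hits = sorted({m.group(0).decode("ascii", "replace")
                           for p in COINHIVE_PATTERNS for m in p.finditer(data)})
            if hits:
                findings[info.filename] = hits
    return findings


def build_sample_apk(miner):
    """Build a tiny APK-like zip in memory (constructed test data)."""
    page = b"<html><body><h1>Wallpapers</h1></body></html>"
    if miner:
        page = (b"<html><script src='https://coinhive.com/lib/coinhive.min.js'>"
                b"</script><script>var m = new CoinHive.Anonymous("
                b"'PLACEHOLDER_SITE_KEY');</script></html>")
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("AndroidManifest.xml", b"<manifest/>")
        z.writestr("assets/index.html", page)
    return buf.getvalue()


if __name__ == "__main__":
    for label in ("clean", "miner"):
        print(label, scan_apk(build_sample_apk(label == "miner")))
```

A match only shows that the package bundles a reference to the miner library; code that is obfuscated or fetched at runtime will not appear in a static scan like this one.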

Remove Android Miner Virus from Your Android

In order to remove this malware, simply deleting the app won’t cut it, because JavaScript code is created on your Android device. This results in the malware being able to stay persistent on your device, even after you remove the app. This is why we have created the removal instructions below. They are designed to help you by showing how to delete this virus completely. Furthermore, be advised that according to security experts, the most effective way to remove this malware is to use an advanced anti-malware solution which will automatically scan for the malicious files of the Android Miner Virus and remove them completely, while securing your smartphone against future infections.

Since manually removing Android Miner Virus may erase your data, the step-by-step instructions below suggest several methods to do it effectively and safely on an Android device. If you want to skip these steps and remove Android Miner Virus automatically, we suggest that you download an advanced anti-malware solution which will protect your device against any future intrusions.

1. Back up the data on your device

CAUTION! Before attempting any removals and drive formatting on your device, you should know that it is essential to save all your important contacts and files from your phone. There are several methods to back up your files:

Method I: Using online backup software or a memory card if the device supports it.

Method II: Connecting to another device and copying the data directly.

This is a somewhat risky option, since the device may have malware on it. This is why you first need to enter the device’s Safe Mode:

For RAZR Droid Devices:

1. Switch off the smartphone and remove the battery for a few seconds then plug it back in.

2. Switch the phone on.

3. You should see a Motorola Dual Core screen appearing. You should press and hold the Volume up, and Volume Down keys on the side of the smartphone. Hold them until the lock screen shows up with ‘Safe Mode’ written in the lower corner.

For HTC Devices:

1. Switch off the smartphone and remove the battery for a few seconds then plug it back in.

2. Turn on your phone while simultaneously holding down the Menu Button. When it starts, keep pressing the Menu Button until you see ‘Safe Mode’ menu appearing in the lower corner.

For Nexus devices:

1. Switch off the smartphone and remove the battery for a few seconds then plug it back in.
2. Turn on the phone.
3. When the welcome Logo Screen shows up, hold the trackball while pressing it until a lock screen shows up, or you see ‘Safe Mode’ written in the bottom corner.

For Other Motorola Devices:

1. Switch off the smartphone and remove the battery for a few seconds then plug it back in.
2. Hold down the Menu Button after you press it while turning on the phone. When it boots, hold the button down upon seeing the lock screen or feeling the phone vibrate.

For Moto G Devices:

1. Press the Power Button and hold it until the list of options pops up.
2. Hold the Power off button and wait for a ‘Reboot to Safe Mode’ option to appear.
3. Tap it and let the phone reset.

For Samsung Galaxy Devices:

1. While the device is on, hold down the Power Button and wait for the Options List.
2. Wait for a ‘Restart to Safe Mode’ option to appear.
3. Choose this setting. The device will restart.

For Apple Devices:

1. While your device is locked, hold down the Power Button and the Home Button until you see a white Apple logo.
2. Once you see the logo, let go of those buttons and start holding the Volume Up button. (Give it a little time to boot up)
3. Now the phone should boot in Safe Mode without any third-parties running.

And now it is time to proceed by doing the actual backup:

Android

1. Connect your device via USB to a computer and select Use as a Media Device. You may also see a “Use as file transfer” option.
2. Go to your phone from My Computer and copy all the files you need.
3. If the phone has an option to install its drivers onto your computer, select it and install them since this will simplify the process of copying your contact list on your computer.

2. Hard-reset your device and remove Android Miner Virus

For Android Devices:

After you have backed up your files, you should perform a clean wipe-out of your phone. This can be done either via one of the options in Safe Mode or by entering your device’s Recovery Mode. Several methods exist to enter the Recovery Mode of your device:

For Nexus Devices: Hold the Volume Down + Volume Up + Power button until a Recovery menu appears. After that, you should select the Wipe Data/Factory reset option. Nexus 4 may work with Volume Up + Power + Volume Down.

For Samsung Devices: Hold the Volume Up + Power Button + Home Button until a Recovery menu appears. After that, you should select the Wipe Data/Factory reset option.

For Motorola Droid X Devices: Hold the Home Button + Power Button until a Recovery menu appears. After that, you should select the Wipe Data/Factory reset setting.

For other devices with camera buttons on them: Hold the Volume Up + Camera Button until a Recovery Menu appears. After this, you should choose the Wipe Data/Factory reset option.

Also, in case you have backed up your device to a Google Account, you will be able to restore your data after a complete wipe-out by just logging into your Google Account with your email and password.

Ventsislav Krastev

Ventsislav has been covering the latest malware, software and newest tech developments at SensorsTechForum for 3 years now. He started out as a network administrator. Having graduated in Marketing as well, Ventsislav also has a passion for the discovery of new shifts and innovations in cybersecurity that become game changers. After studying Value Chain Management and then Network Administration, he found his passion within cybersecurity and is a strong believer in basic education of every user towards online safety.