
Cryptocurrency Miners on Google Play Posing as Apps

Cryptocurrency miners have successfully infiltrated the Google Play store. Researchers have discovered apps with malicious capabilities aimed at cryptocurrency mining. The apps were found to use dynamic JavaScript loading in combination with native code injection to bypass detection by security vendors.

TrendMicro researchers have detected these apps as Androidos_JSMiner and Androidos_CPUminer.

These are not the first cases of cryptocurrency miners targeting mobile devices and app stores. An earlier finding is a miner detected in 2014, designed to mine Dogecoins and Litecoins for Bitcoin payout. The malware was dubbed Androidos_Kagecoin.


Androidos_JSMiner: A Closer Look

Tech support scams and compromised websites have previously been used to deliver the Coinhive JavaScript cryptocurrency miner. This time around, researchers detected two apps, part of the Androidos_JSMiner malware family, used for the same purpose.

Two apps were discovered: one supposedly helps users pray the rosary, while the other provides various discounts, researchers explain.

Both apps function the same way. Once installed on a device, they load the JavaScript library from Coinhive to start mining with the hacker’s site key.

If you have this miner running on your device, you would notice that the CPU usage is extremely high.

Androidos_CPUMiner: A Closer Look

These apps exploit legitimate versions of apps by adding mining libraries to them. The legitimate apps are then repackaged and distributed to users.

Researchers were able to outline one version of this malware found in Google Play, disguised as a wallpaper application.

The mining code is most likely a modified version of the legitimate cpuminer library. The legitimate version is only up to 2.5.0, whereas this malicious version uses 2.5.1, researchers point out.

The mining code fetches a configuration file from the cybercriminal’s own server (which uses a dynamic DNS service) that provides information on its mining pool via the Stratum mining protocol.


The research team has identified 25 samples of Androidos_CPUMiner.
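A static triage sketch for the two behaviours described above (loading the Coinhive JavaScript library, and native mining code that speaks Stratum), added here as an example and not taken from the researchers' work or the original article. The indicator patterns, the sample archive, its site key and its library name are constructed assumptions.

```python
import io
import re
import zipfile

# Heuristic indicators for the behaviours described in the article:
# the Coinhive JavaScript loader/API and the Stratum URL scheme.
# These patterns are assumptions for illustration, not vendor signatures.
INDICATORS = {
    "coinhive_script": re.compile(rb"coinhive(?:\.min)?\.js", re.I),
    "coinhive_api": re.compile(rb"CoinHive\.(?:Anonymous|User|Token)\s*\("),
    "stratum_scheme": re.compile(rb"stratum\+(?:tcp|ssl)://[\w.:-]*", re.I),
}

def scan_apk(apk_bytes):
    """Return sorted (entry_name, indicator, matched_text) for every hit."""
    hits = set()
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as apk:
        for info in apk.infolist():
            if info.is_dir():
                continue
            # Scan raw bytes so strings inside native .so files are covered.
            data = apk.read(info)
            for name, pattern in INDICATORS.items():
                for m in pattern.finditer(data):
                    hits.add((info.filename, name, m.group().decode("latin-1")))
    return sorted(hits)

def build_sample_apk():
    """Constructed test archive; site key and library name are placeholders."""
    page = (b"<script src='https://coinhive.com/lib/coinhive.min.js'></script>"
            b"<script>new CoinHive.Anonymous('EXAMPLE_SITE_KEY').start();</script>")
    # A Stratum-capable native library is assumed to embed the scheme string.
    lib = b"\x7fELF\x00\x00url\x00stratum+tcp://\x00"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("assets/index.html", page)
        z.writestr("lib/armeabi-v7a/libexample.so", lib)
        z.writestr("res/raw/readme.txt", b"wallpaper pack")
    return buf.getvalue()

if __name__ == "__main__":
    for entry, indicator, text in scan_apk(build_sample_apk()):
        print(f"{entry}: {indicator}: {text}")
```

A clean result does not clear an app: the article notes that these apps load JavaScript dynamically and fetch their pool configuration from a remote server, so the loader or pool address may never be present in the package itself.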

In conclusion, such malware samples showcase how mobile devices can also be exploited for cryptocurrency mining goals, despite the insufficient profit of mobile mining.

In addition, Android users should pay close attention to installed apps, especially if their devices degrade after installing an app.

The apps mentioned in this article are no longer available on Google Play but they may quickly be replaced with other apps. So be on the lookout!

Milena Dimitrova
