Monero [XMR] mining through hidden miners – Another android malware

This year in February Sophos a Cybersecurity firm found out 19 Android apps which load an example of the Coinhive script and was circulated in Google Play Store without user knowledge. The hackers followed the ploy of downloads and install units of which tricks like antivirus or adult content apps.

These apps download and install various units and these units carry out diverse activities changing from stealing SMS to forming proxy and mining Monero [XMR] and as there is so much of stress on the CPU, the phone becomes warm and also its speed is reduced. Likewise, HiddenMiner, an Android malware, has been found out by a Security firm, Trend Micro. This software is motorized to mine Monero. A comment from one of the users of Twitter is

“Hackers have become so sly that have started hiding Monero cryoptominers in a picture of Scarlett Johansson! “

In order to remain hidden, these apps contain the abuse device administrator features and run till there is no power left in the device or it fails due to overheating and by locking the screen’s device using an error in Android Operating system it preserves administrator rights.

Mining pools and wallets equivalent to the malware have been discovered by the canvassers and among which one of the pool operators withdrew a sum of $5,000 that is nearly 26 XMR.

With Trend Micro, a mobile threat expert wrote, that was same as the Loapi Monero-mining Android malware, which as per other security canvassers made a device’s battery to swell up. After canceling device administration permissions, the screen is locked and that was Loapi’s method which was similar to HiddenMiner’s.

A comment was made by Elliott, a Security researcher that he does not believe that those apps were the original apps. It has been adapted and repacked by the hacker and then he used several dropper apps to dispense such adapted apps. And just the names of the app and the package were changed and actually, that was the same app 291 times, which said that 291 applications with different icons and names existed.

A novel age of cryptocurrency hacking has been brought up by the emergency of apps like Coinminer, Loapi, etc. In order to prevent their phones from being used for unauthorized mining, Android users should abstain from installing APK’s from unauthorized sources and should only trust on tested apps on Google Playstore and other legal businesses.