So far the attacker, whose Dogecoin wallet address can be derived from the source code, has already carried out operations involving 1,853 Dogecoins. This sum was raised in just three days. The Dogecoins collected have a conversion value of about €1.94 (as of 26 February 2014). Even though this only sounds like a small amount, one must not lose sight of the fact that the attacker gets this without actually doing anything and that this amount will continue to increase. The more users install his malicious app and the longer it remains on the devices, the faster the amount will increase. Any increase in the Dogecoin exchange rate could also rapidly improve the yield.

Of course, the performance is subject to fluctuations in the exchange rate for cryptocurrencies. Since the launch of Dogecoin, exchange rates for the currency have increased significantly, peaking in early February. Events surrounding the shutdown of the MtGox platform, for example, led to a drop in the rate, although it was already at a high. Before the drop in rates 14 days ago, the 1,853 Dogecoins collected so far were valued at €3.50.

The infected user is left with nothing

The damage that the app can do is diverse. In particular, the high load on the CPU or indeed on multiple CPUs, which varies from device to device, can cause excessive wear and potentially cause the mobile device to malfunction sooner. This damage is irreparable and will very probably be a mystery to the user, not to mention more than annoying.

Furthermore the malicious app generates data traffic. Even though this turns out to be small according to the current analysis, it can give rise to additional costs for users on mobile tariffs that do not have unlimited data volumes. Yet even this expenditure will probably go unnoticed by the user.

The only clues that might quickly raise a user's suspicions are the increased battery usage and the heat from the mobile phone, both caused by the constant high load at times when the user is not actively using the device. The battery consumption is even visible in the Android system logs. However, the "Google Service" disguise will very probably come into play again here: hardly any user will question such battery consumption if they assume it comes from a system process.
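
The idle-time clue described above can be turned into a simple check. The following is an added example, not code from the original article or from the malicious app: it flags apps that keep the CPU busy for several consecutive minutes while the screen is off. The sample data, the package names, the thresholds and the function name are constructed assumptions; only the "Google Service" label is taken from the text.

```python
from collections import defaultdict

# Constructed samples, one per app per minute:
# (minute, screen_on, package, label, cpu_percent). Package names are hypothetical.
SAMPLES = (
    [(m, False, "com.example.wallpaper", "Google Service", 92.0) for m in range(0, 6)]
    + [(6, True, "com.example.wallpaper", "Google Service", 5.0)]
    + [(m, False, "com.example.wallpaper", "Google Service", 95.0) for m in range(7, 10)]
    + [(m, False, "com.example.mail", "Mail", 3.0) for m in range(0, 10)]
    + [(m, True, "com.example.game", "Game", 88.0) for m in range(0, 10)]
    + [(m, False, "com.example.sync", "Sync", 70.0) for m in (0, 4, 8)]
)


def idle_cpu_suspects(samples, cpu_threshold=50.0, min_run=5):
    """Return {package: (label, longest_run)} for apps with at least `min_run`
    consecutive screen-off minutes at or above `cpu_threshold` percent CPU."""
    by_pkg = defaultdict(list)
    for minute, screen_on, pkg, label, cpu in samples:
        by_pkg[pkg].append((minute, screen_on, label, cpu))

    suspects = {}
    for pkg, rows in by_pkg.items():
        rows.sort()
        longest = run = 0
        prev_minute = None
        for minute, screen_on, label, cpu in rows:
            busy_idle = (not screen_on) and cpu >= cpu_threshold
            contiguous = prev_minute is not None and minute == prev_minute + 1
            # Load while the screen is on, a quiet minute, or a gap in the
            # samples all end the current run.
            run = (run + 1 if contiguous else 1) if busy_idle else 0
            longest = max(longest, run)
            prev_minute = minute
        if longest >= min_run:
            suspects[pkg] = (rows[-1][2], longest)
    return suspects


if __name__ == "__main__":
    for pkg, (label, run) in idle_cpu_suspects(SAMPLES).items():
        print(f"{pkg} (shown as '{label}'): {run} min of high CPU with screen off")
```

Reporting the package name next to the displayed label matters here, because a label such as "Google Service" on a package that is not a system component is exactly the disguise the text describes.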