Two popular Android Apps discovered to discreetly mine Cryptocurrency

google.play

Everyone’s heard the talk about Android malware and suspicious apps lurking in the dark corners of Google Play – it’s nothing new. What is new however is the fact that two popular apps have been discovered to secretly mine for Cryptocurrency unbeknownst to the person who downloaded the app.

The apps in question are “Songs” from developer Da Xpert, and “Prized” from Social Token Mobile. Both apps are said to have been downloaded millions of time, and while Prized is currently no longer in the Play Store, Songs is still up at the time of this writing and has between 1,000,000 and 5,000,000 downloads.

While we couldn’t check out “Prized” we did give “Songs” a look and it’s one of those apps that screams “don’t download” if you know a lot about the Play Store and bad apps/malware. Problem is, your average Joe isn’t going to think that and Google lets some of the crappiest apps in the world through the gates.

While we won’t go into the whole Bitcoin mining thing, the apps in question basically hijack your device and “mine” data in the background to get Litecoin and Dogecoin. Besides being sneaky and wrong, the process can heat up your device, cause it to run slow, and kill your battery as mining in general sucks the juice regardless of what device you’re mining with. Needless to say, neither app mentioned Bitcoin mining in their Play Store descriptions.

Trend Micro Mobile Threats discovered the apps and announced their findings Tuesday, so it’s a little troubling that only one app has been pulled at this time. Some find it baffling that someone would go to the trouble to use smartphones for mining, but those people are a bit out of the loop and that really isn’t the point.

Legitimate Bitcoin mining has been going on for months on mobile devices, and while one device isn’t going to have an impact, a million devices running hidden software sure as hell will. If the process sucks your battery dry, you may be safe until you recharge/reboot, but think of all the times you’ve just left your phone plugged up and charging.

As always, your best defense against malware or any other app-related malady is to do your due diligence. If you’re unsure of an app, check out the developers website, see if they’re using a proper email (gamhaxorz@gmail isn’t a good sign) and if you’re at all concerned… just don’t download the thing. Chances are there are a dozen other apps that do the exact same thing without killing your battery or stealing your info.

Source: Trend Micro, Via – ArsTechnica

Adam is a tech aficionado and Android enthusiast. When he's not checking out new tech, you can find him playing poker or binge-watching shows on Netflix.

You must be logged in to post a comment Login