All About Cash: Low Profits Don’t Deter Criminals from Using Your Mobile Devices for Cryptocurrency Mining


When we first heard about criminals - and legitimate companies - using miners to make some cash, it was assumed this would be just another episode of a new malware trend. However, mining scripts may end up being the biggest headache not only for website operators but also for app developers - and basically everyone using the internet, since these scripts exploit the resources of users and readers.

Following multiple similar reports, new research has pointed out two new apps that were discovered running the Coinhive mining script. Coinhive markets its product as an easy-to-use in-browser cryptocurrency mining script; however, it continues to be predominantly used by criminals. So far, a number of adblockers, antivirus products, and Chrome extensions have essentially blacklisted it.

From GPU to CPU mining; from desktop to mobile - anything for a little cash

The latest Trend Micro report reveals how the criminal community is quickly adapting to use different platforms to make some easy cash. After blacklisting by AV products made it a little more difficult to reach millions of users through browsers, the scripts are now being deployed in mobile apps - a platform where usage of AV products isn't as prevalent.

While it's still uncertain if mobile resources can get criminals any significant profits, "the effects on users of affected devices are clear," researchers warned. Expect "increased device wear and tear, reduced battery life, comparably slower performance."

The latest apps that have now been removed from the Google Play Store are "Recitiamo Santo Rosario Free" and "SafetyNet Wireless App." Again, neither of these requested user consent before using their resources to mine Monero for their developers.

When the malicious JavaScript code is running, the CPU usage will be exceptionally high.

In their report, security researchers also mentioned a wallpaper app named "Car Wallpaper HD: mercedes, ferrari, bmw and audi" that came with the gift of a CpuMiner. Trend Micro wrote that this falls into the second category of mining script as criminals take legitimate apps, add mining libraries and distribute them on the web. "We have identified a total 25 samples of ANDROIDOS_CPUMINER," the team wrote in its research.

The trend of using JavaScript-based cryptocurrency mining scripts and CPU miners appears to be at its peak as criminals move to attack mobile platforms along with browsers. "These threats highlight how even mobile devices can be used for cryptocurrency mining activities, even if, in practice, the effort results in an insignificant amount of profit," Trend Micro wrote.

If your mobile phone is suddenly super slow or the battery is dying too soon (unless you are on iOS 11.0.3), security researchers advise you to "take note of any performance degradation" after uninstalling/reinstalling any suspicious apps.