The Google Play Store for Android smartphones has been a popular distribution platform for malware virtually since its inception.
With the relative freedom given to developers entering the phone app market on Android’s open-source system, cybercriminals and other bad actors have been able to seed the store with apps that look legitimate and function as advertised, but also contain malware.
As early as November 2017, a game called “XCooeeP” was detected by Avast as running JSMiner, a crypto miner malware. Between 1,000 and 5,000 users downloaded the app from the Google Play Store, which has since removed it.
Cryptocurrency mining malware is the threat of 2018, and it’s now on your phone.
The Rise of Crypto Mining
The recent rise in the price and value of cryptocurrency has been too tempting for malware creators to resist, and they’ve set their sights on the plethora of handheld devices across the globe.
The processing power of smartphones is surprisingly high in comparison to an average laptop computer, but crypto mining normally requires a powerful GPU to perform the hash calculations in the hope of a payout.
However, some cryptocurrencies, such as Monero, use an algorithm that makes it unattractive to throw GPU power at mining, because it is most effective on CPUs.
The reasonably powerful chips in smartphones appear perfect for the job. CoinMiner allows mining of Monero on a victim’s device, and is the primary malware added to infected apps.
Smartphone malware has aggressively developed over time, but the same basic formula has been followed to attack unwitting users.
The applications normally perform a simple function, like a flashlight or a simple game. On installation, the user agrees to a wide range of permissions which grant the malware the ability to perform its function.
A flashlight application doesn’t need to access your contacts to work, for example, yet many users simply agree to grant this permission regardless of what the application is supposed to do at its core.
With cryptocurrency, the reward to hackers can be fast, anonymous and global, even if the criminal activity makes up a small portion of cryptocurrency transactions.
It’s impossible to say which app will be named next. By the time you hear about it, Google or Apple will likely have removed the app from their platform.
If you’re prone to installing games or an app “for everything,” you’re likely at a higher risk of being infected.
How Can You Protect Yourself from Malicious Crypto Miners?
- Read the Reviews Before Downloading
Often malicious apps will have very few reviews, and/or they may seem illegitimate. Yes, there will be reviews which make no sense or serve no purpose, but the general consensus of the reviews overall can provide a great insight into the genuine quality of the application.
Look at the substance of the reviews, not just the stars. If there are very few reviews but they are all substantive, then the application might be good.
If the reviews look bought, are completely useless, or there are very few, it could be better to stay away and go for a more established application.
- Check the Quantity of Previous Downloads
Be reasonable with what you’re about to download. If it’s painting itself as an amazing utility or game, but then doesn’t have the download number to back it up, it might be too good to be true.
That’s not to say that apps with fewer than 5,000 downloads are malicious, and this factor alone certainly isn’t definitive. But in conjunction with a number of the other factors in this list, it can be the nail in the coffin.
- Permissions (The Most Important Factor)
Regardless of everything else, please stop to think about the permissions you are agreeing to when installing the app on your phone, and what they really could mean.
Red flags include a simple utility application that does not require the internet asking for access to “network settings,” or a flashlight app that needs access to your “contacts” in order to be installed. If a request doesn’t make any sense to you, don’t feel comfortable enough to agree to it.
Ultimately, the “way in” in the majority of these crypto miners is through your explicit agreement. Take the time to consider it.
- Download Applications from Trusted Sources
Don’t download applications from websites other than those you trust. This will reduce the risk of installing cryptocurrency miners on your smartphone. Yes, these miners may have infiltrated the core stores of both Google and Apple, but if you’re downloading your apps from a domain that ends in “.ru,” you likely don’t stand a chance.
Push the scales a little more in your favour and ensure you use the core stores.
- Install Anti-Virus?
It’s a hotly debated topic, even today, in information security circles. Generally speaking, anti-virus software is reasonable for a very non-technical user, despite its flaws. Regardless of what the network engineer down the road tells you, if you’re computer illiterate it’s probably a good idea to install some anti-virus software on your smartphone.
With that said, if you know what you’re doing to some degree, and if you’re reading this you probably do, then it can be best to keep only the apps that you need on your phone and follow the above rules to a tee. That should be enough.
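The permission check described under “Permissions” above can be automated for an app you have already unpacked. This is an added example, not part of the original article: it assumes the app’s AndroidManifest.xml has been decoded to text (for instance with apktool), and the per-category baseline, the sample manifest and the package name are constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Assumed baseline: what a simple app of each kind plausibly needs.
EXPECTED = {
    "flashlight": {"android.permission.CAMERA", "android.permission.FLASHLIGHT"},
    "offline_game": {"android.permission.VIBRATE"},
}

# Permissions that give an app network access or let it keep running in the
# background; a miner is of little use to its operator without them.
NETWORK_OR_BACKGROUND = {
    "android.permission.INTERNET",
    "android.permission.WAKE_LOCK",
    "android.permission.RECEIVE_BOOT_COMPLETED",
}

# Constructed sample: decoded manifest of a hypothetical flashlight app.
SAMPLE_MANIFEST = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.flashlight">
  <uses-permission android:name="android.permission.CAMERA"/>
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.WAKE_LOCK"/>
  <application android:label="Flashlight"/>
</manifest>
"""

def requested_permissions(manifest_xml):
    """Return the set of permission names declared in a decoded manifest."""
    root = ET.fromstring(manifest_xml.strip())
    perms = set()
    for tag in ("uses-permission", "uses-permission-sdk-23"):
        for element in root.iter(tag):
            name = element.get(ANDROID_NS + "name")
            if name:
                perms.add(name)
    return perms

def audit(manifest_xml, category):
    """Flag permissions the app's stated purpose does not explain."""
    # An unknown category has no baseline, so every permission is reported.
    unexpected = requested_permissions(manifest_xml) - EXPECTED.get(category, set())
    return {
        "unexpected": sorted(unexpected),
        "network_or_background": sorted(unexpected & NETWORK_OR_BACKGROUND),
    }
```

An unexpected permission is not proof of malware; it is the cue to apply the other checks in this list before installing or keeping the app.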
The Bottom Line
It’s difficult to determine where the fault lies with the outbreak of these crypto mining apps for smartphones. Certainly, users should try to remain more vigilant over their own devices.
Yet perhaps trusted brand names like Google and Apple should perform stricter audits of the source code of the apps they are going to push from their platforms.
Unfortunately, it’s a matter of cost to these companies. We can hypothesize all we want over whether a major brand is stifling freedom in software distribution by slowing indie and third-party developers from quickly entering their market, but in the end, it does just come down to cost.
How much would it cost them to perform the minimum amount of auditing, to balance the cost of bad press they might receive from spreading malicious code?