Google Play store affected by cryptocurrency mining malware

The Google Play store has been affected by cryptocurrency mining malware [Image: dragana991 via iStock]

The Google Play store has been affected by a malware that can secretly mine cryptocurrencies, including Bitcoin.

Cyber security firm Trend Micro found that at least three apps in the Android app store were infected with malicious cryptocurrency mining capabilities, meaning they can pass this problem onto the devices that download them.

The malware results in a slower performance and reduced battery life as the malware leeches the device’s power to mine Monero coins. It has been hidden in seemingly innocuous apps, including a WiFi scanner, a prayer app and a wallpaper.

Trend Micro said: “We’ve previously seen tech support scams and compromised websites used to deliver the Coinhive JavaScript cryptocurrency miner to users. However, we’re now seeing apps used for this purpose, which we detect as ANDROIDOS_JSMINER. Of the two apps we found; one supposedly helps users pray the rosary, while the other provides discounts of various kinds.”

The company explained that these threats highlight how even mobile devices can be used for cryptocurrency mining activities, even if the effort results in “an insignificant amount of profit”. The researchers advised users to “take note of any performance degradation on their devices after installing an app”.

Google has pulled the infected apps named by Trend Micro, but it is not yet known how many devices the malware managed to infect prior to that. It is also unknown if the hackers responsible managed to mine any Monero coins.

TrustedReviews.com recommended that Android users be “extra vigilant” when they download apps, including even those that look fairly legitimate. Users should also look out for any sudden drops in a phone’s performance and battery life since those are “tell-tale signs that something nasty is lurking in the background on your handset”.