Malicious crypto miners attack Android while remaining undetected by Google's security scanners

Computer security firm Trend Micro on Tuesday revealed that miners are using a malicious code to gather cryptocurrencies through affected Android apps.

Representative Image.

Representative Image.

The code helps miners to harness CPU power from affected devices while remaining mostly undetected by Google's app scanning systems. As per a report by Etherium World News, the malicious code uses embedded JavaScript loading along with a native code injector that keeps it under Google's radar.

The report also states that with the processes running in the background on Android applications, Trend Micro has been able to trace the code back to two crypto miners dubbed 'ANDROID_JSMINER and ANDROIDOS_CPUMINER'.

According to the report malicious website named Coin Hive is responsible for the development of the code. This is not the first time when the website has come under scanner as it is responsible for injecting JavaScript automatically into computers without the user's consent for crypto mining. Previously, Coin Hive was responsible for hacking up to thousands of websites with its code for bitcoin mining.

An Android miner detected through Avast anti-malware service. Image: Ethereum World News

An Android miner detected through Avast anti-malware service. Image: Ethereum World News

Security researchers have advised users to keep a track on their smartphone's CPU usage which could be a key indicator towards knowing whether a malware is in play. Trend Labs has also reached out to Google to have the compromised applications removed from the Google Play Store, to limit the damage. However, the ability of the code to stay hidden from Google's security scans in their app ecosystem does raise pertinent questions.


Updated Date: Oct 31, 2017 23:49 PM