Wallpaper apps on Google Play contain mobile Bitcoin-mining malware

Share this article:
Dendroid RAT slips into Google Play
Dendroid RAT slips into Google Play

Five wallpaper apps in the Google Play store – that are now no longer available – did deliver on the background images that were promised, but also delivered a new piece of mobile Bitcoin-mining malware known as BadLepricon.

The BadLepricon malware is believed to target Bitcoin specifically, Michael Bentley, head of research and response with Lookout, the mobile security company that discovered the malicious apps, told SCMagazine.com in a Friday email correspondence.

The malware is similar to other mobile cryptocurrency-mining malware, but it comes with some new tricks to help it fly under the radar, including only running when the display is turned off, the battery power is more than 50 percent, and the device is connected to the internet, Bentley said.

Because Bitcoin mining requires so much computing power, batteries end up draining quickly and mobile devices tend to overheat, so the BadLepricon author implemented the aforementioned features as a way of helping prevent the malware from giving itself away.

Still, mobile malware is, ultimately, not the best way to go when it comes to mining Bitcoin.

“It's actually very inefficient,” Bentley said. “In order to be successful using mobile mining malware, you would have to have a network of thousands of phones at your disposal. That said, the processing power on phones is increasing and the more powerful these devices get, the more people are going to experiment with digital coin mining on them.”

Although Google has an excellent screening process, certain malicious apps still make it into the Google Play store because the arena is so new and security has not yet been perfected, Bentley said. Each app had between 100 and 500 downloads prior to removal, according to a Thursday post.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Beazley: employee errors root of most data breaches, but malware incidents cost ...

Insurance firm Beazley analyzed more than 1,500 data breaches it serviced between 2013 and 2014.

Apple issues seven updates, fixes more than 40 vulnerabilities in iOS 8, OS 10.9.5

Apple issues seven updates, fixes more than 40 ...

In one of its infrequent "Update Surprisedays," Apple plugged holes, boosted security and added features.

Canadian telecom co. Telus unveils first transparency report

The company received more than 100,000 government requests for customer data last year.