Wallpaper apps on Google Play contain mobile Bitcoin-mining malware

Share this article:
Dendroid RAT slips into Google Play
Dendroid RAT slips into Google Play

Five wallpaper apps in the Google Play store – that are now no longer available – did deliver on the background images that were promised, but also delivered a new piece of mobile Bitcoin-mining malware known as BadLepricon.

The BadLepricon malware is believed to target Bitcoin specifically, Michael Bentley, head of research and response with Lookout, the mobile security company that discovered the malicious apps, told SCMagazine.com in a Friday email correspondence.

The malware is similar to other mobile cryptocurrency-mining malware, but it comes with some new tricks to help it fly under the radar, including only running when the display is turned off, the battery power is more than 50 percent, and the device is connected to the internet, Bentley said.

Because Bitcoin mining requires so much computing power, batteries end up draining quickly and mobile devices tend to overheat, so the BadLepricon author implemented the aforementioned features as a way of helping prevent the malware from giving itself away.

Still, mobile malware is, ultimately, not the best way to go when it comes to mining Bitcoin.

“It's actually very inefficient,” Bentley said. “In order to be successful using mobile mining malware, you would have to have a network of thousands of phones at your disposal. That said, the processing power on phones is increasing and the more powerful these devices get, the more people are going to experiment with digital coin mining on them.”

Although Google has an excellent screening process, certain malicious apps still make it into the Google Play store because the arena is so new and security has not yet been perfected, Bentley said. Each app had between 100 and 500 downloads prior to removal, according to a Thursday post.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Kevin Mitnick to sell zero-day exploits

Kevin Mitnick's new venture will develop and procure zero-day exploits, then sell them for $100,000 or more.

FBI warns of potential cyber attacks launched by ISIS hacktivists

Following U.S. military airstrikes in the Middle East, the FBI has issued a warning regarding possible cyber threats aimed at U.S. networks and critical infrastructure by hacktivists in support of ISIS.

Report: 75 million records compromised so far in 2014

Report: 75 million records compromised so far in ...

An updated report indicates that since this time last year, breaches have increased by 29.4 percent, with 568 breaches occurring this year.