Wallpaper apps on Google Play contain mobile Bitcoin-mining malware

Share this article:
Dendroid RAT slips into Google Play
Dendroid RAT slips into Google Play

Five wallpaper apps in the Google Play store – that are now no longer available – did deliver on the background images that were promised, but also delivered a new piece of mobile Bitcoin-mining malware known as BadLepricon.

The BadLepricon malware is believed to target Bitcoin specifically, Michael Bentley, head of research and response with Lookout, the mobile security company that discovered the malicious apps, told SCMagazine.com in a Friday email correspondence.

The malware is similar to other mobile cryptocurrency-mining malware, but it comes with some new tricks to help it fly under the radar, including only running when the display is turned off, the battery power is more than 50 percent, and the device is connected to the internet, Bentley said.

Because Bitcoin mining requires so much computing power, batteries end up draining quickly and mobile devices tend to overheat, so the BadLepricon author implemented the aforementioned features as a way of helping prevent the malware from giving itself away.

Still, mobile malware is, ultimately, not the best way to go when it comes to mining Bitcoin.

“It's actually very inefficient,” Bentley said. “In order to be successful using mobile mining malware, you would have to have a network of thousands of phones at your disposal. That said, the processing power on phones is increasing and the more powerful these devices get, the more people are going to experiment with digital coin mining on them.”

Although Google has an excellent screening process, certain malicious apps still make it into the Google Play store because the arena is so new and security has not yet been perfected, Bentley said. Each app had between 100 and 500 downloads prior to removal, according to a Thursday post.

Share this article:

Sign up to our newsletters

More in News

Five schools earn NSA's excellence in cyber ops distinction

The schools earned NSA's Centers for Academic Excellence designation for their cyber offerings.

With RATs at their disposal, 419 scammers target businesses

With RATs at their disposal, 419 scammers target ...

A new report reveals how Nigeria's 419 scammers are spreading malware to pocket business funds.

InfoSec pros worried BYOD ushers in security exploits, survey says

InfoSec pros worried BYOD ushers in security exploits, ...

A study by the Information Security Community on LinkedIn found most organizations don't have proper polices and support for BYOD.