Wallpaper apps on Google Play contain mobile Bitcoin-mining malware
Dendroid RAT slips into Google Play
Five wallpaper apps in the Google Play store – that are now no longer available – did deliver on the background images that were promised, but also delivered a new piece of mobile Bitcoin-mining malware known as BadLepricon.
The BadLepricon malware is believed to target Bitcoin specifically, Michael Bentley, head of research and response with Lookout, the mobile security company that discovered the malicious apps, told SCMagazine.com in a Friday email correspondence.
The malware is similar to other mobile cryptocurrency-mining malware, but it comes with some new tricks to help it fly under the radar, including only running when the display is turned off, the battery power is more than 50 percent, and the device is connected to the internet, Bentley said.
Because Bitcoin mining requires so much computing power, batteries end up draining quickly and mobile devices tend to overheat, so the BadLepricon author implemented the aforementioned features as a way of helping prevent the malware from giving itself away.
Still, mobile malware is, ultimately, not the best way to go when it comes to mining Bitcoin.
“It's actually very inefficient,” Bentley said. “In order to be successful using mobile mining malware, you would have to have a network of thousands of phones at your disposal. That said, the processing power on phones is increasing and the more powerful these devices get, the more people are going to experiment with digital coin mining on them.”
Although Google has an excellent screening process, certain malicious apps still make it into the Google Play store because the arena is so new and security has not yet been perfected, Bentley said. Each app had between 100 and 500 downloads prior to removal, according to a Thursday post.