Mining viruses now mobile-friendly
There is a relatively new and very dangerous security threat – mining viruses. We have already seen them injected in different websites through the means of malvertising – malicious advertising. Looks like that hackers have invented how to move to mobile platforms.
As the security expert team from Trend Micro Inc. says, Google Play, the app platform for Android devices, contains applications with latent cryptocurrency mining capabilities. Some bits of code are very similar to previous malicious scripts found on websites. What’s worse, many applications are posing as legitimate: samples found include an app for prayers, an app about Wi-Fi and an app that manages wallpapers.
The experts note that some applications can be posted on Google Play without any malicious codes inside, then get an approval from moderators, and only then get injected in some later update, which highlights the big issue Google has to solve as quick as possible. The media suggests scanning apps on a scheduled basis.
In other related news, CoinHive, the team that supposedly developed the code that since then has infected thousands of websites with latent mining scripts, has been hacked itself. Another team has intercepted the DNS and CloudFlare computing capabilities to mine cryptocurrency. Looks like in the future, we will see cyberspace wars for the vast mining rigs control.