Apps from Google Play drain devices with covert crypto-coin mining

Have you, by chance, put the harmlessapps Songs, or Prized on your Android device? If you are among the 1to 5 million users who installed the former, and the 10 000 to 50 000who installed the latter, you probably felt your 'droid wasn't thesame after. It got hot. It lagged. Its battery drained quickly. Itsdata usage skyrocketed. Yet, on the surface, everything appeared tobe in order.

Actually, everything was inorder - but only for said apps' creators, who engineered them tocovertly turn your device into a cryptocurrency mining drone, slavingaway for digital gold in a huge botnet. What a twist! Apparently,when users left their device to charge, these apps woke up fromdormancy and went to mine Bitcoin, Litecoin, and Dogecoin. As youmight know, mining cryptocurrency is a very compute-intensive processthat even the most powerful of today's mobile silicon can'tadequately deal with. But foster a mining pool of millions of phonesand tablets that work to put crypto-coins into your wallet, and oneday you'll wake up criminally rich... in weird Internet money.

That's probably what Songs and Prized'smakers thought, before security company Trend Micro reported themining operation. Such malicious schemes are already familiar, butthey used to be carried out only by apps available outside of theGoogle Play Store. The fact that these apps that we're talking aboutcome from, and are still available in what's supposed to be a safeheaven for Android software, is disconcerting, to say the least.

Trend Micro's Veo Zhang, the threatanalyst who reported the danger, had the following to say on thematter:

Meanwhile, Google is yet to comment onthe report.

source: TrendMicro via ARSTechnica