Malicious Android apps written specifically for mining are the latest scourge facing Android smartphone users as well as Google. In a recent report, researchers at security firm Lookout identified a strain of malware called BadLepricon running stealthily within Android apps. This malware runs in the background without the user's knowledge and mines for Bitcoins.
[Image: screenshot of one of the apps which was removed]
The apps identified by Lookout as running BadLepricon are:
1. Mens Club Live Wallpaper
2. Urban Pulse Live Wallpaper
3. Epic Smoke Live Wallpaper
4. Beating Heart Live Wallpaper
Lookout has notified Google's security admins, and Google has removed all the above apps from the Google Play app store.
“These apps did fulfill their advertised purpose in that they provided live wallpaper apps, which vary in theme from anime girls to ‘epic smoke’ to attractive men,” explained Lookout in a blog post.
“However, without alerting you in the terms of service, BadLepricon enters into an infinite loop where — every five seconds — it checks the battery level, connectivity, and whether the phone’s display was on.”
The problem with this kind of mining malware is that it is difficult to detect, as it doesn't interfere with normal phone functions or threaten the user with any virus or trojan. It simply runs in the background, using the smartphone's processor to rake up a few millibitcoins. The only indication that such malware is running is constant draining of the battery.
BadLepricon is written in such a way that it starts its operations only if the battery level of the infected smartphone is more than 50% full, the display is turned off and the device is connected to the network. Only then does the malware start its process of “mining” for bitcoin.
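The three start conditions described above suggest a detection angle: CPU use that is high only while all of them hold and near zero otherwise. The following is an added example, not code from Lookout or from the malware itself; the telemetry format, package names and thresholds are assumptions made for illustration.

```python
from collections import defaultdict
from statistics import mean

# Constructed telemetry: (package, screen_on, battery_pct, network_up, cpu_pct).
# Package names and values are made up for illustration.
SAMPLES = [
    ("com.example.wallpaper", True, 80, True, 2.0),
    ("com.example.wallpaper", False, 80, True, 91.0),
    ("com.example.wallpaper", False, 75, True, 88.0),
    ("com.example.wallpaper", False, 40, True, 1.5),   # battery below 50%
    ("com.example.wallpaper", False, 70, False, 1.0),  # no network
    ("com.example.wallpaper", False, 68, True, 93.0),
    ("com.example.player", True, 90, True, 35.0),
    ("com.example.player", False, 85, True, 30.0),
    ("com.example.player", False, 45, True, 28.0),
    ("com.example.player", False, 80, True, 33.0),
    ("com.example.player", False, 78, True, 31.0),
]

def in_gate(screen_on, battery_pct, network_up):
    """True when all three conditions reported for BadLepricon hold."""
    return (not screen_on) and battery_pct > 50 and network_up

def flag_gated_cpu(samples, busy=50.0, idle=10.0, min_samples=3):
    """Return packages that are busy inside the gate and idle outside it.

    busy/idle are assumed CPU-percent thresholds, not values from the report.
    """
    inside, outside = defaultdict(list), defaultdict(list)
    for pkg, screen_on, battery, net, cpu in samples:
        bucket = inside if in_gate(screen_on, battery, net) else outside
        bucket[pkg].append(cpu)
    flagged = []
    for pkg, cpu_in in inside.items():
        cpu_out = outside.get(pkg, [])
        # Require evidence on both sides of the gate before judging.
        if len(cpu_in) < min_samples or not cpu_out:
            continue
        if mean(cpu_in) >= busy and mean(cpu_out) <= idle:
            flagged.append(pkg)
    return sorted(flagged)

if __name__ == "__main__":
    print(flag_gated_cpu(SAMPLES))
```

An app that is steadily busy regardless of device state, like the constructed media player here, is not flagged; only load that switches on and off with the gate is.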
How the malware authors would benefit from such puny mining capabilities is not yet clear. It is probably impossible for a malware author or owner to make any money by mining bitcoins on a single device, so the goal of bitcoin-mining malware like BadLepricon is to draw on the power of many devices, all running software without their owners’ permission.
Lookout has reported that all the above apps had around 100-150 downloads, so BadLepricon may not have spread as much as its owners or authors would have liked. “Google promptly removed five of these applications after we alerted them to the issue. The apps had between 100-500 installs each at the time of removal,” explained Lookout.