Coinhive’s cryptocurrency-mining script has found its way into mobile apps offered on Google Play.
The first (prsolutions.rosariofacileads) is an app that is meant to help users pray the rosary, the second one (com.freemo.safetyne) allows users to “earn free Talk, Text, and Data” by racking up credits “by redeeming local coupons and deals, watching videos, taking surveys and more.”
ANDROIDOS_CPUMINER: Trojanized versions of legitimate apps
Another family of malicious apps takes legitimate versions of apps and adds mining libraries, which are then repackaged and distributed. Detected as ANDROIDOS_CPUMINER.
One version of this malware is in Google Play and disguised as a wallpaper application:
On smartphones, devices hit with the mining malware will show clear signs that something is wrong – including reduced battery functionality and slower performance.
It’s unclear how many downloads each app received, but both apps have been removed from google play store and the accounts of their developers have apparently been removed or suspended.
If after installing an App and you notice a reduction in your device performance or high battery drainage, then you definitely have to uninstall the app.
Have you had any experience, Share with us in the comment section below.
Join the discussion on Telegram