Google Play: A Host For Cryptocurrency Malware

Google Play

What happens when the Yin meets the Yang? It brings about balance on a cosmic level. The advent of the decentralized Blockchain technology and with it, cryptocurrency, has become pretty mainstream. Add to it, the multiple number of apps that are now available online with a click of a button specially on Google Play Store, we should have an easy transition to all things decentralized. But, as always it is with life, even this technology is facing an unknown enemy in the shape of Malware ridden apps. Malicious Crypto Apps on Play Store are matter enough for generating concern, but add to it, crypto jacking and we have a new level of hell.

 

Malicious Cryptocurrency Apps: A Sad Reality

The high number of applications that are malicious in nature are always on a lookout for gullible victims. By not ensuring the origins of an app, we let such apps rule the roost by letting them secretly mining Monero on our devices. Usually, when any apps are installed on a device, the application will load a JavaScript library code which has been sourced from Coin-hive. Once it is loaded (a process that takes a matter of minutes) it starts mining with the attacker’s own site key. Hence, one needs to keep in mind a few factors before downloading any application from Play Store. It is the only way one can protect themselves from Malware.

  • Avoid installing any applications from third party run app stores.
  • If downloading from Play Store, ensure that you have a working Mobile Security app for extra protection that scans and screens the app at the time of installment.

The manner in which they fly under the radar of Google, is by simply avoiding detection. These malicious apps use techniques such as dynamic JavaScript loading and native code injection because of which they manage to have air time of up to a week before Google becomes wise to their nature. That much time is enough for it to gain access to the multiple number of devices in which it has been downloaded.

Also Read :  How to Remove Malware and Adware from Your Mac

 

Crypto Jacking: Flip Side of Malware Apps

Another aspect that affects Android enabled smartphone devices is that these applications may be deleted from our system, they leave behind a footprint in the form of cryptojacking. In it, they secretly mine Monero without the victim’s knowledge. Previously, there was a huge call back on many sites and application that used the victim’s CPU power for mining purposes. With ongoing mining, the victim shall forever find their phones to work slow and lose a lot of its battery power even with little use.

Another aspect that affects Android enabled smartphone devices is that malware applications copy the look, style, format, interface apart from the name of the original app available on Play Store and confuse the users. As was the case with My Ether Wallet, (a famous Ethereum Wallet) the attackers simply changed the intercepting DNS requests directly to a Russian server and made a tidy sum as profit. It took Google almost a week to spot the flaw, but till then, it was too late. A total of $17 Million in Ethereum had been transferred off to the attackers accounts.

 

In Conclusion: Constant Vigilance!

As more and more people are joining in the bandwagon that is cryptocurrency, such malicious applications are bound to have a field day. One needs to be extra alert before downloading any application least it be malicious in nature.

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *