Google Play Store teeming with malicious mining apps
- Kaspersky Lab discovered multiple instances of malicious Android mining apps appearing on the Google Play Store.
- One of these apps was downloaded over 100,000 times before it was discovered and removed.
- Google has yet to issue a statement about the discovery of these malicious Android mining apps.
When you download an app from the Google Play Store, an assumption is made that Google has vetted that app to make it safe for you. While Google certainly does a great job with its policing of the store, with 3.5 million apps and counting, some malicious apps will inevitably make it through the filters.
It appears that’s just what happened with a slew of apps that secretly use your smartphone’s processor to mine cryptocurrency. Researchers at Kaspersky Lab found multiple malicious Android mining apps on the Google Play Store that look like your typical games, sports streaming apps, VPNs, etc., but are actually crypto mining apps running without the user’s knowledge or consent.
The most common apps afflicted with secret mining code are connected with soccer. Kaspersky Lab found a Portuguese soccer streaming app was downloaded over 100,000 times, mostly by users based in Brazil. As users stream a game, a JavaScript miner launches in the background and begins mining crypto. Since the streaming video uses a lot of processor power in itself, users don’t notice a spike in CPU usage caused by the malicious code.
Other apps keep tabs on CPU load as well as temperature to make sure that the code doesn’t use so much of the phone’s processing power that the user will notice. After all, if your phone gets hot from being overworked and you’re not doing anything, that might make you suspicious.
While the processors in smartphones are indeed not as powerful as those found in laptops and desktop computers, the sheer volume of systems able to mine crypto makes the illegal activity worth it.
After Kaspersky Lab found the malicious apps, it informed Google, which promptly removed them from the Google Play Store. However, the company has not made any public statement about the issue or how it will change its policies to prevent future infractions.
Recently, Google announced that it would be removing any and all crypto mining browser extensions from the Chrome Web Store, even if the extensions are legitimate. Perhaps it will enforce a similar rule on the Google Play Store in response to Kaspersky Lab’s findings.