Android apps are vulnerable to attacks, experts warn
Android owners who find their battery life failing could have had their phones hijacked by hackers using it to mine bitcoin, Security experts have warned.
Most smartphones are run on Android Operating System (OS), making it the leading OS across the world.
But security experts yesterday said they have found ‘rogue’ apps that allow hackers to mine for bitcoin in the Android background.
Although Google has already removed dozens of the apps, security firm Lookout warns there could be more out there.
Researchers say the key signs area rapidly depleting battery and a handset that feels unusually warm.
They also advised: Make sure the Android system setting ‘Unknown sources’ is unchecked to prevent dropped or drive-bydownload app installs.
Download a mobile security app that protects against malware as a first line of defense.
‘Your phone is running low on battery and it seems to be working harder than usual. Would you ever suspect that it was secretly mining Bitcoin for someone you don’t know?’ it said.
The firm yesterday revealed it found a piece of mobile malware in Google Play that quietly uses the phone’s processing power to create new coins.
‘We call it BadLepricon,’ they said. ‘And yes, that is how the malware authors spelled ‘leprechaun’. We hope they were going for a clever play on the word ‘con’. The malware comes in the form of a wallpaper app.’
Google removed five of these applications after we alerted them to the issue, but it is believed the apps had between 100-500 installs each at the time of removal.
Lookout says bitcoin ‘rogue apps’ could become commonplace. ‘We expect to see more mobile miners come to the foreground,’ the firm warned.
The warning is the second over bitcoin apps that can install themselves on Android handsets.
Last month researchers discovered CoinKrypt that focused on coins such as Litecoin, Dogecoin, and Casinocoin.
The people behind this malware decided to go for these ‘low-hanging fruit’ coins because you can actually mine more coins with less computing power.
However, the researchers say both scams were unlikely to have made hackers much money.
‘A phone’s computing power doesn’t actually result in that many coins,’ they said.