Cryptocurrency-mining script planted in apps on Google Play
Coinhive’s cryptocurrency-mining script has found its way into mobile apps offered on Google Play.
Trend Micro researchers have spotted two apps that have been equipped with it:
The first (prsolutions.rosariofacileads) is an app that is meant to help users pray the rosary, the second one (com.freemo.safetyne) allows users to “earn free Talk, Text, and Data” by racking up credits “by redeeming local coupons and deals, watching videos, taking surveys and more.”
Is it worth it for the crooks?
Both of the apps have been pulled from Google Play, and the accounts of their developers have apparently been removed or suspended. They can still be downloaded from some third-party Android stores.
In addition to this, the researchers also unearthed a legitimate wallpaper app (com.yrchkor.newwallpaper) that has been modified to include a mining library.
“The efficacy of mobile devices to actually produce cryptocurrency in any meaningful amount is still doubtful,” the researchers noted, but pointed out that “the effects on users of affected devices are clear: increased device wear and tear, reduced battery life, comparably slower performance.”
They advised users to be on the lookout for covert crypto-mining apps and to uninstall apps that trigger a noticeable performance degradation on their devices.