Date: 31/03/18
HiddenMiner cryptocurrency mining malware can push Android devices to breaking point
Android smartphones are facing yet another variation of cryptocurrency mining malware that can potentially cause a device to fail through overheating.
Dubbed HiddenMiner, the malware was discovered by cyber security firm Trend Micro, which noted it siphons a phone's CPU power to crunch calculations to generate the Monero cryptocurrency.
This practice, commonly known as 'cryptojacking', can force a processor to run at maximum speed for extended amounts of time. This, in turn, can cause the phone's chipset to overheat and fail, or in the worst-case scenario combust.
So far it has been found in third-party marketplaces restricted to India and China and has not been detected in Google's official Play Store.
The code for HiddenMiner doesn’t have a switch, controller or optimiser, which means it will continuously mine for Monero until the device is completely drained or it overheats and fails.
It poses as a legitimate Google Play update app, cropping up as a message showing the Google Play icon and com.google.android.provider.
Users with an infected device will see this message pop up repeatedly until the app is granted administrative access.
It has several ways of hiding itself, most commonly by removing the app's label and leaving a blank square; once it has access, it vanishes altogether.
If it is granted admin privileges, users cannot uninstall the app until those privileges are revoked, and the malware prevents them from revoking the privileges by locking the screen whenever they try.
"HiddenMiner is yet another example of how cybercriminals are riding the cryptocurrency mining wave. For users and businesses, this reinforces the importance of practicing mobile security hygiene: download only from official app marketplaces, regularly update the device’s OS (or ask the original equipment manufacturer for their availability), and be more prudent with the permissions you grant to applications," said Lorin Wu, mobile threats analyst at Trend Micro.
This type of malware is by no means new, and Google had previously resolved this issue in Nougat and later OS versions by reducing the privileges of device admin apps.
So if you have a device running Nougat or a later Android version, you’ll simply be able to revoke permissions, but if you have an older device you’ll need to reset it to remove HiddenMiner.
The malware is similar in nature to the Loapi Trojan malware that made headlines last year after it caused batteries to swell and potentially explode.
©ictnews.az. All rights reserved.