Andy Android emulator installer could be installing a cryptominer

Android has, justified or not, earned a reputation of being easily compromised by malware, especially when installing apps from third-party sources. On the desktop side, that has traditionally been Windows' infamy. In an almost comical but also dangerous twist of fate, those two come together in the Andy Android emulator for Windows. According to reports, the makers of the emulator may or may not be responsible for installing a cryptocurrency (like bitcoin) miner disguised an always running "Updater.exe" program.

The matter isn't exactly clear-cut and reeks of Internet drama. The only known and observable fact is that a certain version of the Andy Android Emulator installs a cryptomining program that has no business being there. It also has no business running in the background or remaining installed even after Andy itself was booted out.

Things get a bit murky when you start to ask where the said malware comes from. Obviously, the immediate culprit would be the developers of Andy. According to Redditor TopWire, however, the developers' behavior around this matter ranged from outright denial to fingerpointing to turning a deaf ear (and removing him from the support group).

In particular, Andy developers are putting the blame on a third-party tool that they use to create the installer. However, further investigation suggests that it is the Andy program itself that calls an IP to download the miner. Either way, Andy does have a responsibility to ensure that any third-party tool they use is blameless because otherwise, the blame would fall squarely on them anyway.