Android users beware; a new bit of malware has been spotted hiding inside apps on the Google Play store. The malware is called BadLepricon and it is designed to harness your smartphone or tablet to mine for Bitcoin. Bitcoin mining is very resource intensive so the malware would likely impact battery life and increase heat production of your device significantly if present.
Researchers discovered the malware when digging through Google Play and it was discovered to be present in five different wallpaper apps that have been downloaded between 100 and 500 times each. That gives the nefarious hackers a good number of compromised devices to use for mining virtual currency.
The researchers that discovered the malware are from an anti-malware company called Lookout. Once notified that the malicious apps were present, Google reportedly removed the apps immediately. Malware that tries to take over the user’s device to mine virtual currency is nothing new, several instances have happened in the last few months. Previously a pair of apps were discovered that were mining Litecoin and Dogecoin without informing end users that mining would happen.
Both those apps did provide the live wallpaper functions as advertised so many users would have no idea their device was compromised and being used to mine virtual currency. One interesting aspect of BadLepricon discovered this week is that it worked only when the battery was at 50% or higher to help hide activity from the device user. BadLepricon also had a stratum mining proxy integrated to give the operators the ability to have devices work in unison with others.
via Ars Technica