Cryptocurrency has become a hot topic among tech-savvy investors and entrepreneurs. In January 2017, a single Bitcoin — the most popular and widely used cryptocurrency — was worth approximately $1,150. By mid-December, its value had jumped to $13,800. Granted, there have been plenty of fluctuations in Bitcoin’s value, but there’s no sign of a bubble bust happening anytime soon.
With the rise of cryptocurrencies like Bitcoin, however, comes a disturbing new form of malware targeting targeting Android users. Known as cryptocurrency-mining malware, it hijacks the victim’s device to mine cryptocurrencies. Of course, the victim doesn’t receive the mined cryptocurrency units; that’s funneled to the hacker’s wallet or account.
While cryptocurrencies vary in design and function, most are acquired through resource-intensive computer operations known as mining. There’s no central government backing cryptocurrencies like Bitcoin, so there’s no one to govern the way in which they are distributed. As a result, cryptocurrency units are issued to users who mine them using computer resources.
The problem is that consumer-level computers lack the power and speed needed for efficient mining. You’ll literally earn fractions of a Bitcoin, for instance, when mining on a computer — even if you mine for years. Because of this, some nefarious individuals have resorted to malware. By installing cryptocurrency-mining malware on thousands of Android devices, hackers can earn a substantial amount of the respective digital currency.
Android users should beware of the dangers of cryptocurrency-mining malware. As explained by Ars Technica, a recently discovered type of cryptocurrency-mining malware can physically damage Android users’ devices.
The damaging Malware is Trojan.AndroidOS.loapi, which cybersecurity experts at Kaspersky Lab are calling the “Jack of all trades.” When Kaspersky tested the malware on various Android devices, they discovered damage to the battery after just two days. Basically, the mining algorithm used in Trojan.AndroidOS.loapi generated enough heat that it deformed the phone’s battery and cover.
In addition to mining cryptocurrency, Trojan.AndroidOS.loapi also deploys advertisements, engages in distributed denial-of-service attacks (DDoS), spams contact numbers and subscribes the victim to paid services.
The good news is that Trojan.AndroidOS.loapi hasn’t made its way to Google Play. It was deployed through third-party app marketplaces as well as web browser ads and text messages. Nonetheless, experts recommend downloading and using an anti-malware app to protect your Android device from cryptocurrency-mining malware.
