What was missing, Android apps and botnets that want to use us to mine cryptocurrencies

The use of crypto miners like Coinhive, one that was born as an interesting proposal to monetize websites asking users a small percentage of use of their CPU to mine cryptocurrencies like Monero, is increasingly leaning towards the worrying side.

We already talked about how The Pirate Bay had started using it without asking users, or how some extensions for Chrome were abusing the same thing. But the problem is not limited to the browser, but it has also reached the Android applications.

In Trend Micro have discovered two applications in the Play Store that were using Coinhive to try to mine cryptocurrencies.

The apps, which have already been removed from the store, used a copy of Coinhive inside a hidden web view browser. As long as the user kept the apps open, the script worked, forcing the mobile to work as hard as possible to undermine Monero.

Although the efficiency of this method may be rather dubious to obtain cryptocurrencies, the process does have a huge impact on the performance of the infected device : it quickly drains the battery, overheats it, and wears it out.

A growing problem

More and more computers are hijacked to mine cryptocurrencies. Not only is the use of scripts like Coinhive, we also see it in the creation of malware to hijack other types of devices, such as the Raspberry Pi.

There are even smarter hackers who have chosen to hijack the Amazon cloud of large companies and steal the power of their servers to mine bitcoin.

In addition to all this, alerts begin to appear on multiple WordPress websites hacked and altered to embed variants of Coinhive in them, basically created a botnet of pages that undermine cryptocurrencies using the CPU of those who visit them.

From the computer we have some tools to block things like Coinhive, in addition, Chrome could soon add a function to avoid being used to mine cryptocurrencies, but in the case of mobile devices, the problem gets more complicated, especially because it is not common Install antivirus or ad blockers on them.