Google always bound to face trouble over the wide and open nature of its app checking policies on Google Play Store, and despite so many security measures, the search engine giant mostly fails to recognize the Android malware that are lurking around its Google Play store in vast numbers.
Recently, Google had offered users refund and additional credit of $5 for the bogus antivirus app 'Virus Sheild' that potentially defrauded more than 10,000 Android users who have downloaded the app from the Google play store. The step taken by Google is really appreciated, as the refunding cost Google around $269,000.
Now, it has been found that a number of malicious Android apps on the Google Play store secretly turn users’ android devices into small rigs contributing to a large-scale crypto currency mining operation.
CRYPTO MINER IN ANDROID APP
Security researchers from an anti-malware firm Lookout have identified various malware apps at Google Play Store, which they dubbed as ‘BadLepricon’ containing hidden crypto miner that stealthily exploit users’ android device to perform the cumbersome computational process without their knowledge.
BadLepricon malware was specially designed to be delivered via wallpaper apps and researchers found it in five separate apps masquerading as ‘Live Wallpaper Apps’ that had more than 100 of downloads each, according to a blog post published Thursday.
"These apps did fulfill their advertised purpose in that they provided live wallpaper apps, which vary in theme from anime girls to 'epic smoke' to attractive men," Meghan Kelly, a Lookout security communications manager, wrote in a company blog post. "However, without alerting you in the terms of service, BadLepricon enters into an infinite loop where -- every five seconds -- it checks the battery level, connectivity, and whether the phone's display was on."