New Android Bitcoin Mining Malware Found on Google Play

Lookout researchers recently uncovered new malware on the Google Play store that leverages the infected device’s processor to mine Bitcoins.

The malware, identified by Lookout as “BadLepricon,” appeared in six wallpaper apps with between 100 and 500 installs each. Google has since removed them from the store.

As Lookout’s Meghan Kelly notes, the average mobile device isn’t exactly an ideal tool for Bitcoin mining. “A phone’s computing power doesn’t actually result in that many coins,” she writes. “Every coin has a difficulty rate, which is determined by the amount of computing power needed to mine that coin and other factors. The difficulty for Bitcoin is so tough right now that a recent mining experiment using 600 quadcore servers was only able to generate 0.4 Bitcoins over one year.”

Still, according to Kelly, the malware designer does seem to have been concerned about destroying victims’ devices (or, at least, avoiding detection) — BadLepricon checks the battery level, connectivity and display every five seconds, and only operates when the battery is at over 50 percent capacity, the display is turned off, and the phone has network connectivity.

Jeff Goldman
Jeff Goldman
Jeff Goldman has been a technology journalist for more than 20 years and an eSecurity Planet contributor since 2009.

Top Products

Related articles