Skip to main content

Popular Google Play apps discovered to hold bitcoin-mining malware

More malware appears to be plaguing the Google Play Store, this time hijacking users' devices to perform Bitcoin-mining operations.

The new piece of malware, labelled BadLepricon, was discovered to be masquerading as wallpaper apps on the store that had hundreds of downloads each.

According to mobile security firm Lookout, Google promptly removed five apps from the Google Play marketplace showing the malware after being alerted, according to CNet.

"These apps did fulfil their advertised purpose in that they provided live wallpaper apps, which vary in theme from anime girls to 'epic smoke' to attractive men," Meghan Kelly, Lookout security communications manager, wrote on the company's blog.

Related: Gaming company fined for mining Bitcoins from players

"However, without alerting you in the terms of service, BadLepricon enters into an infinite loop where every five seconds it checks the battery level, connectivity and whether the phone's display was on."

In some cases Bitcoin mining malware uses up so much processing power in a phone that it can burn out the device. To stop this from alerting victims, BadLepricon checks the device's battery and configures settings to maintain it above 50 per cent.

Also contained in the malware is a proxy system that allowed the author to control which Bitcoin wallet receives new coins and anonymously switches between mining pools.

The discovery is the second in a month that malware of this type has been found in the Google Play store, which has been affected by bogus apps in recent times, including an anti-virus which does absolutely nothing.