2017 has seen cryptocurrencies really start to take off, with the price of one Bitcoin increasing by over 700% since January. Unfortunately, this has made the market a prime target for criminals, who are looking to 'steal' money by using unsuspecting victims' internet connection and power.
One of the most popular tactics identified in recent weeks has been the use of 'fake' Android applications. These often masquerade as legitimate-looking apps on the Google Play store but, once downloaded, they are able to mine digitial currencies for hackers – without the phone user ever knowing.
James Nguyen, mobile product manager for cybersecurity firm Symantec, said that the situation is 'kind of like letting a stranger live in a van across the street and have access to your internet connection and your power subscription.'
The most prevalent area for these attacks is Russia – over half of cryptocurrency mining malware attacks take place in the Eurasian country. However, mining scams are on the rise in North America too, with around 20% occuring in the United States.
“In the grand scheme of things, crypto mining malware is a low number (fraction of a percent [of all mobile malware]),” Symantec stated. “But if it proves to be lucrative to the developers, that number could rise.”
Users are being advised to be wary of the apps they download – with hackers hiding code in religious apps and crossword puzzles, among others. The end result is a high drain on the phone battery, a less responsive device and, thus, a frustrating experience for mobile phone users, according to Nguyen.
Malware mining was previously identified as a brief trend in 2014, but the astronomical values reached by Bitcoin especially this year seem to have sparked its comeback.