Your smartphone is idling, its temperature is rising and the battery is draining too quickly? It could be used to make some crypto coins.
Hackers often put fake copies of popular applications online, which are found to be hidden mining applications.
This new type of cyber attack is called “cryptojacking” by computer security experts. The process “consists of trapping an internet server, a computer, or a telephone and running malicious software on it to do a cryptocurrency mining operation,” explains AFP Gérôme Billois, an expert at Wavestone.
The “mining” process, which authenticates and creates bitcoins, ethereum, minero and other cryptocurrency , can be very lucrative but requires a lot of computing power and energy.
While it is possible to combine the power of several processors by assembling different computers, hackers have found a much more economical way to exploit these virtual riches: exploit the chips present on smartphones without the knowledge of their users.
“More and more malicious mobile applications hiding Trojans associated with a cryptocurrency mining program have appeared on platforms (NDLR: online applications) in the last twelve months,” David Emm, researcher at Russian IT security company Kaspersky Lab, told AFP.
According to Emm, “on mobile, the processing power available to criminals is less” than on a computer, but “there are many more of these devices, and therefore ultimately a greater potential”.
Google cleans up
To attract users, hackers often put dummy copies of popular applications online, which turn out to be hidden mining applications.
“Users are generally unaware of this” of the attack, with the only clues being “the battery life and performance of the devices (which) suddenly diminish for no apparent reason” and the device starting to “dangerously overheat”, explains David Emm.
A version of the popular game “Bug Smasher”, installed over a million times from the Google Play application store, was detected in March by US-based IT security group ESET. He warned on his site that “the application is actually secretly used to mine cryptocurrency monero”.
Another example, malware called “Coin.Miner” was discovered by cyber security specialist TrendLabs in December. “The +malware+ is launched in a hidden browser window, which prevents the user from realizing it,” the company details on its blog.
Cryptojacking mainly affects devices running Android, Google’s mobile operating system. The iPhone is less targeted by hackers because Apple has more control over the applications that can be installed on it, according to computer security experts.
Google recently decided to clean up its mobile application store, Google Play, by informing developers at the end of July that it would no longer accept cryptocurrency mining applications on its platform.
According to Emm, Google is thus seeking to “limit opportunities for cybercriminals”.
“Cat and Mouse Game”
Pascal Le Digol, national director at WatchGuard, an American specialist in IT security solutions, acknowledges that “it is difficult to know which application to block”, given that “there are new ones every day” and that “the mining principle is to be as discreet as possible”.
However, there are ways to protect your phone. In addition to setting up antivirus software, Laurent Pétroque, an expert in online fraud at F5 Networks, advises you to “keep your Android device up to date”.
He also recalls that “people who decide to download applications from unofficial sources are more likely to inadvertently download malicious software.
For Mr. Le Digol, it is the “game of cat and mouse”: as in any hunt for cyber attacks, we must “constantly adapt to changing threats”. And in this particular case, “the mouse has taken a big leap,” he notes, stating that cryptojacking could “take other forms in the future” and decline on all types of connected objects.