Google Bans Cryptocurrency Apps
In recent news there have been reports of mobile devices combusting after installing some apps from the Google Play Store. These apps were later discovered to be Cryptocurrency miners, which had bypassed Google Play submission inspection. These kinds of operations, Cryptocurrency mining, are resource intensive, and are not designed to work on mobile devices. Most Enthusiast-grade Desktop Computers struggle with these operations, as they require the majority of RAM, CPU and if present, GPU power.
So, what's the problem?
Is there a name for this kind of attack?
As it turns out there is; “Cryptojacking”. Cryptojacking is not just tied to the android market however, as Advertisements, Browser Extensions, and Desktop Applications have also been affected. Because of the allure of “free” money; Threat Actors are drawn to this practice as they aren’t risking shortening the lifespan of their own hardware, nor are they paying for the electricity/Broadband costs of mining.
What are the risks, and how do I prevent it?
Lets start with the risk;
- Shortened equipment lifespan
- Increased thermal performance, leading to Thermal Throttling/Intermittent Shutdowns
- Higher than normal utility bills
- Possible infection due to malicious code preventing removal
All of the above are side effects of mining on generalised hardware.
So how do you protect yourself? Well that depends on the attack surface of your device. Here are some steps I recommend to take;
- Update your Operating System
- Ensure you have endpoint protection for business environments (including COPE devices)
- Ensure personal devices are running Anti malware (Most legitimate miners are blocked by default)
- Only install extensions for browsers from trusted sources; triaging them for a time if possible
Kumar, M. (2017, July). Google Bans Cryptocurrency Mining Android Apps from the Play Store. Retrieved from The Hacker News: https://thehackernews.com/2018/07/android-cryptocurrency-mining.html