Somewhere, there’s a criminal genius who has cooked up a nasty way to enslave your Android phone as his personal money-making machine. Over the past month, he has infected hundreds of smartphones — maybe thousands — and used them to mine digital currency.
Researchers at Lookout Software, a mobile security company, discovered the Trojan horse program last month in underground Spanish-language forums dedicated to pirated software. The company’s principal security researcher, Marc Rogers, installed it on his Android phone. It zapped his Nexus 4 phone’s battery after spending about four hours mining the equivalent of less than a penny for its criminal master.
The malware is just the latest example of a scheme to mine digital currency with pilfered processing power. The software systems that drive digital currency such as bitcoin and litecoin require help from computers across the globe, and if you contribute processing power to the cause, you get money in exchange. Like other schemes, this new piece of malware is stealing compute cycles from other people’s devices in an effort to make some dough.
The good news is that the thing doesn’t work that well. Lookout Software says its take has been only about $5 total. Mobile phones aren’t known for their processing power. “This is literally the most unsophisticated malware I’ve ever seen, Rogers says. “All it does is — the moment the app starts — it starts mining and pays the money to a hard-coded address.
This is literally the most unsophisticated malware I’ve ever seen.
–Marc Rogers, Lookout
Five years ago, anybody could contribute their personal computer’s processor to the bitcoin network in exchange for the digital currency — a process known as mining. But since then, a lot of people have started mining bitcoins — so many, in fact, that it’s now impossible to earn much more than a whisper of a bitcoin on your personal computer. The pros use custom-designed chips and massive computing rigs. Even mining contests for other currencies have become more intense.
And mining on low-power mobile phones is a particularly tough prospect — even if the phone has been hacked. Rogers’ Nexus 4 could do about 8,000 calculations per second. At that rate, it would generate about 0.01 litecoins after seven days of mining. “That’s almost 20 cents, Rogers wrote in a Lookout blog post.
The malware, which Rogers calls CoinKrypt, comes in Litecoin, Dogecoin, and CasinoCoin variants. Lookout has seen it “several hundred times on systems running its software. Anyone infected with CoinKrypt would find amiss pretty quickly. “First you’d notice that your phone would be quite sluggish. The second thing is your battery life would drain, Rogers says. “And I think the final thing is you’d notice your phone getting hot.
This is the first time Lookout has found crypto-mining malware on mobile phones. It could also be the last. “Clearly this was an experiment by malware authors, he says. “And clearly it was unsuccessful.
