It seems that there is no end to the crypto-jacking menace that’s been affecting the web as of late. This post is based on a 13-page report released last week by Sophos, a UK cyber-security firm. Based on the security firm, 19 Android apps were discovered by its engineers that were uploaded and made available through the official Google Play Store.
Using four developer accounts, Sophos was able to discover this kind of technique in the 19 Android apps. Even though most of the infected apps barely has 100-500 installs, one app in particular (extreme.action.wwe.wrestin), was installed over 100,000 to 500,000 Android devices.
Although there are tons of oversaturated articles about illegal crypto-currency mining made by many news sites online, you should know that the mining crypto-currency on smartphones could damage the device permanently. This is based on the analysis made by researchers from Kaspersky who proved this theory when they discovered the Android malware called “Loapi”.
Note that you don’t necessarily have to install a malware-laden Android app on your device to be affected. Just yesterday, security researchers from Malwarebytes found a malvertising campaign that targets Internet users who are using Android mobile browsers. The malvertising campaign was discovered to be using a malicious code which was hidden in ads to redirect users to sites that cater to Monero mining while the unsuspecting users were trying to solve a CAPTCHA field in the web page they were redirected to.