25 apps hosting cryptojacking scripts found on Google Play Store

25 apps hosting cryptojacking scripts found on Google Play Store

SophosLabs claims to have identified at least 25 Android apps published on the official Google Play Store containing scripts that facilitate cryptojacking activities on users’ computers.

In its report, the company noted that the apps in question have “been downloaded and installed more than 120,000 times.”

The report comes some two months after Google announced that it would no longer allow apps that mine cryptocurrency on devices. According to SophosLabs, the malicious malware were included in different applications—from educational to gaming and utility apps.

Out of the 25 apps, 22 were found to have an implementation of Coinhive’s code. The Coinhive script allows hackers to mine privacy-centric coin, Monero (XMR), without the knowledge of the device’s user. Meanwhile, Lighton and Mobeleader were discovered to have been hosting crypto mining scripts on their servers “presumably to thwart firewalls or parental controls/reputation services that might block Coinhive’s domain by default.”

Another app called A Paintbox for Kids was also found to have been running Xmrig, which was described as an open source CPU miner that can mine not just XMR but several other cryptocurrencies as well.

25 apps hosting cryptojacking scripts found on Google Play Store

Source: SophosLabs

According to SophosLabs report, apps containing the cryptojacking malware include Trance Droid by Happy Appys; Palkar by Palpostr.com; LHDS Vendors published by Taste of Life Group; Mobeleader from Abser Technologies; Helper for Knight Game from Evgeny Solovyov; and Dizi Fragmanları İzle from Oguzhan Kivrak.

The report also identified apps Game Viet 2048 from Thanhtu Media, Afterlife: RPG Clicker CCG by Levius LLC, Dominoes Games from Fun Board Games, A Paintbox For Kids by Uwe, Tapbugs and Dreamspell apps by Riccotz, Info Guru Pendidikan by Cakrawala Pengetahuan, and Lighton by Buyguard.

Meanwhile, 11 apps from Gadgetium were also found to contain an HTML page with a Coinhive-based miner. The apps were “preparation apps for standardized tests given in the U.S., exams such as the ACT, GRE, or SAT,” according to SophosLabs.

Google has clamped down on cryptocurrency activities that it deemed were harmful to customers. Earlier this year, Google banned the advertisement of cryptocurrencies and their related products. During this period, other platforms like Facebook and Twitter also banned cryptocurrency advertisements on their platforms. In April, some of Google’s platform like the Chrome Web Store banned cryptocurrency mining extensions.

Recently, it was reported that Google is planning to soften its stance on cryptocurrency. Google announced that it was going to update its crypto ads policy, as part of its bid to work more closely with regulated institutions in the United States and Japan.

New to blockchain? Check out CoinGeek’s Blockchain for Beginners section, the ultimate resource guide to learn more about blockchain technology.