We trust Trend Micro to tell us about malware and how to potentially avoid it. The last reminder we heard from them was about cryptocurrency miner malware being back in Google Play. We also remember the DressCode malware, that media file vulnerability in Android, and the Android malware ‘Godless’ that used several exploit tools to root devices. Today, we’re learning about a new Android malware that can use a device to mine Monero, a cryptocurrency similar to Bitcoin. The app mines Monero while hiding from the user and abusing the Device Administrator feature.
Trend Micro detects the malware as ANDROIDOS_HIDDENMINER. The cryptocurrency miner has victimized a number of users already. One was able to get 26 XMR, which is about $5,360, from a Monero wallet. Infected devices mine Monero for someone else. Obviously, the owners are not aware because the malware hides itself. It takes advantage of a phone’s CPU power to mine, and it keeps mining because there is no controller or switch. Another possible result is that the device will overheat and eventually fail.
The company previously sighted a similar Android malware: Loapi, a Monero-mining malware that caused a phone’s battery to bloat. At present, HiddenMiner is affecting Android users in China and India.
What HiddenMiner does is ask the user to activate it as a device administrator. It then hides the app by removing the label and using a transparent icon. It also uses anti-emulator capabilities so it can bypass detection and automated analysis.
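A defender triaging a suspect APK can check its decoded manifest for the two traits described above appearing together. This is an added example, not code from Trend Micro or the original article; it assumes the removed label shows up as an empty `android:label` in the manifest (the transparent icon and any hiding done at runtime are not checked), and the function names and sample manifest are constructed for illustration.

```python
import xml.etree.ElementTree as ET

A = "{http://schemas.android.com/apk/res/android}"  # android: attribute namespace

# Constructed sample manifest (decoded text form); not from a real HiddenMiner APK.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.constructed">
  <application android:label="">
    <activity android:name=".Main">
      <intent-filter>
        <action android:name="android.intent.action.MAIN"/>
        <category android:name="android.intent.category.LAUNCHER"/>
      </intent-filter>
    </activity>
    <receiver android:name=".Admin"
        android:permission="android.permission.BIND_DEVICE_ADMIN">
      <intent-filter>
        <action android:name="android.app.action.DEVICE_ADMIN_ENABLED"/>
      </intent-filter>
    </receiver>
  </application>
</manifest>"""

def triage_manifest(xml_text):
    """Return sorted findings for a decoded AndroidManifest.xml (assumed input form)."""
    app = ET.fromstring(xml_text).find("application")
    findings = set()
    if app is None:
        return []
    for rcv in app.findall("receiver"):
        actions = {a.get(A + "name") for a in rcv.iter("action")}
        if (rcv.get(A + "permission") == "android.permission.BIND_DEVICE_ADMIN"
                and "android.app.action.DEVICE_ADMIN_ENABLED" in actions):
            findings.add("device-admin-receiver")
    for act in app.findall("activity"):
        cats = {c.get(A + "name") for c in act.iter("category")}
        if "android.intent.category.LAUNCHER" in cats:
            # Activity label falls back to the application label when absent.
            label = act.get(A + "label", app.get(A + "label"))
            if label is not None and label.strip() == "":
                findings.add("empty-launcher-label")
    return sorted(findings)

def is_suspicious(xml_text):
    # Either signal alone is common in benign apps; flag only the combination.
    return len(triage_manifest(xml_text)) == 2

if __name__ == "__main__":
    print(triage_manifest(SAMPLE_MANIFEST), is_suspicious(SAMPLE_MANIFEST))
```

A hit here is a reason to look closer at the app, not a verdict: legitimate device-management apps also register a device administrator receiver.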
Trend Micro Solutions offers the Trend Micro Mobile Security for Android to block such malicious apps. Feel free to download it, just to be sure.
SOURCE: Trend Micro
March 28, 2018 at 10:14PM