Sometime this week, a report was released by SophosLabs in which the firm asserts to have identified up to 25 Android apps published on the Google Play store that consists of script facilitating the ‘crypto jacking’ of ‘user’ computing resources.
SophosLabs believes that they have found 25 apps on the official Google Play store that contain crypto jacking code within them. In addition, a report released by the company claims that the apps in question have “been downloaded and installed more than 120,000 times.” The apps accused on containing crypto jacking code are LHDS Vendors – which is published by Taste of Life Group, Mobeleader from Abser Technologies S.L., Palkar by Palpostr.com, Dizi Fragmanları İzle from Oguzhan Kivrak, Helper for Knight Game from Evgeny Solovyov, Game Viet 2048 from Thanhtu Media, Trance Droid by Happy Appys, A Paintbox For Kids by Uwe Post, Afterlife: RPG Clicker CCG by Levius LLC, Dominoes Games from Fun Board Games, Info Guru Pendidikan by Cakrawala Pengetahuan, Lighton by Buyguard, Tapbugs and Dreamspell – both published by Riccotz, and 11 apps published by Gadgetium – all of which comprised “preparation apps for standardized tests given in the [United States].”
Up to 22 of the 25 apps identified by the company (SophosLabs) were found to contain an implementation of COinhive’s code. Also, Lighton and Modeleader were found to hosting mining scripts on their own servers – “presumably to thwart firewalls or parental controls/reputation services that might block Coinhive’s domain by default.” Another app titled A Paintbox for Kids was found to be running Xmrig – “an open source CPU miner that can mine several cryptocurrencies in addition to XMR.”
The discovery of the apps comes in spite of the Google Play Store’s July ban on “apps that mine cryptocurrency on devices.” The ban led to several other undertaking perceived to comprise a crackdown on crypto across Google’s platform – including the prohibiting of cryptocurrency mining extensions from the Chrome Web Store back in April, and the banning adverts relating to “cryptocurrencies and related content” from Google’s platform in March.
Also, earlier this week Google indicated the first signs of softening its stance on cryptocurrency before launching its crackdown, additionally announcing that “The Google ads policy on financial products and services will be updated in October 2018 to allow regulated cryptocurrency exchanges to advertise in the United States and Japan.”