Cryptocurrency Mining Malware HiddenMiner Literally Uses Android Phones To Death

article by Sandra Trentino
June 26, 2019
Hackers have developed a new form of malware — known as “HiddenMiner” — that will infect Android devices and cause them to mine the cryptocurrency Monero until the corrupted device breaks down entirely.

The use of malware by hackers to mine cryptocurrencies is nothing new, and Android users have long known of the need to protect their devices against those looking to hijack them in order to take advantage of the explosion in cryptocurrency prices. However, there are two specific aspects of this malware that make it a unique cause for concern.

HiddenMiner Causes Device Failure; Difficult to Remove

For starters, in contrast to most malware which seeks to keep it’s host device online and working for as long as possible following a successful infection, HiddenMiner will continue to sap a devices vitality until it actually overheats or suffers battery failure.

Researchers have stated that the reason for this is the lack of a switch, controller, or optimizer in the code that makes HiddenMiner run. This means that even the hackers themselves cannot disable the virus once it impacts a device. The malware will simply continue to run until the device stops working.

In addition, there are a number of additional “security” features built into HiddenMiner that make it extremely difficult for users to detect or remove the program even after discovering its presence on their system. These include the use of transparent icons, forcing the user to give it administrative privileges and even anti-emulator code that makes it impossible for many software programs to detect its presence.

Finally, if HiddenMiner is discovered it will lock the device’s screen if an administrative user attempts to block the program, making it impossible to remove.

HiddenMiner Poses As Legitimate App On Google Play

Adding to the danger posed by HiddenMiner is the fact that hackers have been able to place the malware inside the Google Play store. This means that unlike many other types of malware, users can become infected even if they don’t do anything that is necessarily considered against good practices.

Security experts are warning that in order to protect themselves from this kind of threat, Android users should remain extra vigilant before downloading anything onto their device. Most importantly, always be sure to do proper research and understand the developer behind an application before downloading it.

Experts are also cautioning users to remember that it’s never safe to download an application from anywhere other than an official app store.

Updated Android Patch

One piece of good news is that Android is aware of the problem and has already begun taking measures to ensure that no other devices are affected. HiddenMiner took advantage of a flaw in the Android OS which has since been closed with the release of Android 7.0 Nougat.

However, users who have not updated their OS remain vulnerable, a fact that only further highlights the need for Android users to continually update their software. Even though it can be annoying or inconvenient, never allowing an OS to fall too far out of date is critical to protecting yourself against this latest malware threat.