14 DAY TRIAL // With virtual currencies becoming more and more valuable, cybercriminals are increasingly focusing their attention on hijacking devices and abusing them for mining operations. One example is the CoinKrypt malware analyzed by Lookout researchers.
Experts have spotted CoinKrypt, which is designed to target Android devices, on some Spanish forums that offer pirated software. However, most of the infections appear to be in France.
This piece of malware is simple, but it can be highly efficient for mining certain virtual currencies. Since these days you need serious computing power to mine for Bitcoins, the most valuable virtual currency, cybercriminals are focusing on mining newer coins, such as Litecoin, Dogecoin and Casinocoin.
It’s almost one million times easier to mine for Litecoin than it is for Bitcoin. It’s around 3.5 million times easier to mine for Dogecoin. Although these coins are not as valuable, cybercriminals are probably hoping that one day they will be.
CoinKrypt is not designed to steal data from infected smartphones. However, that doesn’t mean it’s not a dangerous piece of malware. Unlike regular mining rigs, which are designed to limit the rate at which coins are mined to protect the hardware that powers the complex calculations, CoinKrypt abuses the infected device to the maximum until the battery is drained.
This means that the battery life of infected phones is considerably reduced. Furthermore, since the device is pushed to its limits, it can overheat, resulting in physical damage.
Another issue with such malware is that it sometimes downloads the blockchain, which can be several gigabytes in size. This means that the entire traffic included in your data plan could be consumed in no time.
CoinKrypt is not very efficient when it comes to mining. Lookout has calculated that one infected device can mine around 20 cents' worth of Litecoin after operating non-stop for a seven-day period. On the other hand, the existence of this threat provides important information regarding mobile malware trends.
“While mining as a strategy hasn’t paid off for these malware authors, as these digital currencies continue to grow, we predict that the number of new malware families targeting them will also continue to grow as malware authors experiment with various different strategies in their desire to cash in,” Lookout’s Marc Rogers noted.
Malware designed to mine for virtual currencies is not distributed only on shady forums. Experts have also identified a piece of malware on Google Play, disguised as various legitimate applications.