A new android malware has been found! Android malware is becoming more and more widespread and newer versions of various types of malicious software for Android devices are getting released pretty much every week (if not every day). Recently, yet another cryptomining Android malware app has been detected by security researchers. Its name is Hiddenminer and it is a malware piece similar to the infamous Loapi miner. Hiddenminer mines for the Monero cryptocurrency exploiting the CPU of the device it has managed to infect. If not dealt with on time, the malware is capable of fully exhausting the CPU and the battery of the targeted device. The malware would work ceaselessly as long as the smartphone is still working.
This piece of malicious software is really sneaky and it is particularly difficult to detect. Hiddenminer employs a number of techniques to cover its tracks and most users never even realize that such a malicious app has gotten on their device. Initially, the malware piece represents itself disguised as an update request for the Google Store app – once the targeted device is infected, the nasty application would start popping-up on the user’s screen asking them to provide it with Administrative privileges. If the user fall for that request, the miner would get activated and would begin to exploit the processor of the device for mining Monero coins. During the time the malware piece remains inactive on the device, its icon is hidden and its label is empty so there’s only an odd empty space where the malware’s icon should be. A user that isn’t too vigilant would easily miss or disregard such an irregularity. Upon activation, the app fully disappears leaving no traces behind.
According to cyber security specialists, this app is typically distributed via third-party software download sources under the guise of some seemingly useful application. This means that if you frequently use sources for new apps different than the Google Play Store, then you should be really careful with what you download. Currently, Hiddenminer seems to be primarily targeting devices of users from China and India but it is perfectly possible that this malware might spread to other countries as well. Generally, a good rule of thumb when it comes to avoiding any kind of Android malware is to abstain from using third-party download sources and also to conduct a quick online research every time you are about to download some lesser-known app even if you are about to download it from the Play Store. Remember, most Android malware programs come packed as a built-in component with other, seemingly legitimate apps so you must always stay vigilant and cautious with regards to what you are downloading and installing on your device.